Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Catalyste 3550 and Mac address ....

Hello experts,

I am french (so please excuse my bad english).

I want to secure my network (a new one) by learning some MAC address. that is I do nothing during 2 or 3 days and all the MAC adress not in the MAC address table ("show mac adress table") have to eb rejected, is there a solution to this problem.

Please help me.

My second problem : is a software exists which can distribute a configuration to several switches. By example ciscoworks 2000 ?

Thanks in advance.

Best Regards,

Guillaume RENARD

1 ACCEPTED SOLUTION

Accepted Solutions
New Member

Re: Catalyste 3550 and Mac address ....

Hi!

You could do the command "switchport port-security maximum X" The x is th maximum addresses that the port will learn before it starts deny. All addresses will be deleted if reboot or IF is shutdown. If you want to save your dynamiclly learned addresses - use "switchport port-security mac-address sticky". This will put the learned address to running config and saved when you do a "copy run start".

Remember that there are a max of addresses that one port can handle and that you cant activate this on a trunk port.

Ciscoworks has the feature to load config files for a batch. This can also be made with SNMP and some own scripts. If you only want to push out a few rows to all switches, check kiwi.com.

2 REPLIES
New Member

Re: Catalyste 3550 and Mac address ....

Hi!

You could do the command "switchport port-security maximum X" The x is th maximum addresses that the port will learn before it starts deny. All addresses will be deleted if reboot or IF is shutdown. If you want to save your dynamiclly learned addresses - use "switchport port-security mac-address sticky". This will put the learned address to running config and saved when you do a "copy run start".

Remember that there are a max of addresses that one port can handle and that you cant activate this on a trunk port.

Ciscoworks has the feature to load config files for a batch. This can also be made with SNMP and some own scripts. If you only want to push out a few rows to all switches, check kiwi.com.

New Member

Re: Catalyste 3550 and Mac address ....

Thanks very much.

Guillaume

86
Views
0
Helpful
2
Replies