Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

MAC lock on Switch

What is the best way to fix an IP address to a switch port? So unless changed manualy only that IP will be able to send traffic through that port.

Thanks

6 REPLIES
New Member

Re: MAC lock on Switch

The port security feature will lock the port down by MAC address. This won't prevent a change in IP address on the device but will prevent a new NIC connection (or MAC address change) on that port.

Check syntax for your IOS/CatOS version.

eg # set port security

or # switchport port-security

Hope that helps.

-Mulder

Anonymous
N/A

Re: MAC lock on Switch

thanks, I'll try it and will let you know how it worked.

Re: MAC lock on Switch

You might also try to use

arp ip-address hardware-address type [alias] (http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123cgcr/ipras_r/ip1_a1g.htm#1079866)

command in your router config.

This might prevent a traffic from a different MAC send data through the router with the same IP address.

(But I've not tested if it really works.)

Regards,

Milan

Anonymous
N/A

Re: MAC lock on Switch

Ok, it worked realy nice but because we have 4 switches after enabeling "switchport" I couldn't access the other switches, they wouldn't respond to pings either. I looked into commands such as "switchport mode access" and "switchport access dynamic" etc. and nothing. If I have multiple switches on the network do I maybe have to make'em all "switchport". I have no VLANs exept for the default VLAN1 and here is my config for each port they are all the same:

interface FastEthernet0/1

switchport mode access

switchport port-security

switchport port-security maximum 1

switchport port-security violation shutdown

no ip address

New Member

Re: MAC lock on Switch

Just to check, if you have that config on your switch uplink port (i.e. the port that links one switch to another) then as soon as that port sees more than one MAC address it will shut down (this is what the commands

switchport port-security maximum 1

switchport port-security violation shutdown

do. Ideally you need to take the config you posted OFF your uplink ports.

Anonymous
N/A

Re: MAC lock on Switch

ok, I'll try.

Thanks again

1754
Views
0
Helpful
6
Replies
CreatePlease to create content