Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

Only permit 1 MAC address on 2924 switch interface?

I want to permit only 1 MAC address on an interface of a 2924 switch?

How can I do this?

8 REPLIES

Re: Only permit 1 MAC address on 2924 switch interface?

Hi Friend,

I am not sure if you can define a specific mac address or not on 2900 Xl switch but you can configure port security to allow only 1 mac address but that can be any mac address which first connectes to that port.

configure terminal

interface interface

port security max-mac-count 1

port security action shutdown

Iy any other machine will be connected to this port the port will be shutdown.

HTH, if yes please rate the post.

Ankur

Re: Only permit 1 MAC address on 2924 switch interface?

Ankur,

i would like to prevent that the user of this port installs a hub/switch and share his dedicated link.

Can if verify which MAC address is used by the port security command?

Re: Only permit 1 MAC address on 2924 switch interface?

Hi Friend,

Sh port security command will just show you the count of mac address learned on that port

http://www.cisco.com/univercd/cc/td/doc/product/lan/c2900xl/29_35wc6/cli/clicmds.htm#xtocid118

But to verify the mac address on the port you can run a command

show mac-address-table interface

http://www.cisco.com/univercd/cc/td/doc/product/lan/c2900xl/29_35wc6/cli/clicmds.htm#xtocid108

HTH, if yes please rate the post.

Ankur

Re: Only permit 1 MAC address on 2924 switch interface?

Thanks Ankur,

it works fine ;-))

regards Marty

Re: Only permit 1 MAC address on 2924 switch interface?

#$%*#%#*

I reacted to fast. It doens't works ;-((

The port directly shuts down when the correct system/MAC is attached.

When another PC is connected, everything works fine.

Even when I disable the port scurity, the allowed MAC is still not accepted.

PLEASE HELP...! I'M RUNNING OUT OF TIME..!

###########################

interface FastEthernet0/24

description Link-to-Museum-Geb

port security max-mac-count 1

port security action shutdown

switchport access vlan 2

end

Re: Only permit 1 MAC address on 2924 switch interface?

Hi Marty,

Can you check which mac address is there on that port currently cause when you give max-mac-counte the first mac which is learned will not allow any other mac to get in and will cause a violation if port security is configured for that.

If you clear that mac address from mac table it should allow any other mac

HTH

Ankur

Re: Only permit 1 MAC address on 2924 switch interface?

Prior to this command,

i checked the mac address which was learned by the switch. And that was the correct MAC..!?

New Member

Re: Only permit 1 MAC address on 2924 switch interface?

Marty,

just try it fresh wipe the mac address out and verify it is clear then plug the correct device in and check again, then unplug and plug in something else make sure it shuts down, re-enable it and plug in the right thing again, it works for me..

-WM

HTH

284
Views
0
Helpful
8
Replies
CreatePlease login to create content