Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Restrict Network Access for a particular ip-address/mac-address pair.

Hi everybody.

We have a situation where in we want to restrict a paricular ip-address and mac-address combination gaining access to the network. The network comprises of

3548 XL(IOS 12.(5).WC5) at user end, which gets connected to a 4006 with sup-ii+4232l3+6port GBIC card. This 4006 in turn gets connected to a 6509 with sup-ii, which has got lot of servers connected.

what is best way to impose the above restriction and where. ?

Thanks in advance.

3 REPLIES
Community Member

Re: Restrict Network Access for a particular ip-address/mac-addr

P-

The best place to impose the restriction is at the edge. Have you determined what port/switch/interface the perp is connecting through?

-Bo

Community Member

Re: Restrict Network Access for a particular ip-address/mac-addr

Hi,

The user is connected to 3548(L2 device) and is trying to access a server connected to 6509 by changing ip address of his PC to that of the PC which is supposed to control the said server, after turning off that PC.

I hope i have made by self clear.

PMK

Community Member

Re: Restrict Network Access for a particular ip-address/mac-addr

VMPS is an easy and effective tool used in conjunction with port security...

If my memory serves me correctly, your 6509 will act as a VMPS server and just about all of the user switches can function as a client.

Ron

112
Views
0
Helpful
3
Replies
CreatePlease to create content