Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Bridge access control

Currently we have a network with a DHCP server, users from outside our company can easily plug into the network outlet and receive an IP address.

Eventhough they aren't joined to our Windows domain, God knows what they can do to our network.

We're planning to restrict the access by registering only the permitted MAC Address to connect into our network, therefore forcing any new user to register their MAC Address first.

Is there any methods to implement this other than using access-list 700 ?


Re: Bridge access control

If you are using Catalyst 4000/5000/6000 for your LAN, you can configure port security and specify which MAC address is permitted on a specific port.

In addition you can configure the DHCP server to give addresses to clients only based on their MAC address. No MAC address defined in the server, no IP address for the client.

You can implement both for a better security policy.

CreatePlease login to create content