I have run into a scenario where the objective was to only allow a router to connect to a 3550 port if the router had a specific IP address assigned. I know how to do port security with a MAC address, but how can this be done with an IP address? If an ACL is used then it would have to be updated for any networks that are added behind that router and really doesn't address the objective of limiting the connecting router's IP address.
I am not trying to filter IP based on MAC. I am trying to filter IP based on IP. Take away MAC filtering. How can I allow only a specific IP on a switchport without affecting transit traffic that may generate from behind the device on that switchport?
Thank you for the response. However, I believe the same that exists with ACL will exist with route policy. You still have to match some source/destination address. So if you lock down to the IP address of the router on that port you block out any transit traffic from behind it. If I am wrong, please explain.
We have configured the outside and inside interfaces with official IPv6 addresses, set a default route on the outside interface to our router, and we have also defined a rule, which also gets hits, to permit TCP from the inside interface to any6.
In Syslog I also se...