Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

CAT 3550 Permit Specific IP address on port

Hello,

I have run into a scenario where the objective was to only allow a router to connect to a 3550 port if the router had a specific IP address assigned. I know how to do port security with a mac address but how can this be done with IP address? If an ACL is used then it would have to be updated for any networks that are added behind that router and really doesn't address the objective of limiting the connecting router's IP address.

4 REPLIES
Community Member

Re: CAT 3550 Permit Specific IP address on port

3550 - cannot filter IP traffic based on MAC addresses

Community Member

Re: CAT 3550 Permit Specific IP address on port

I am not trying to filter IP based on MAC. I am trying to filter IP based on IP. Take away MAC filtering. How can I allow only a specific IP on a switchport without affecting transit traffic that may generate from behind the device on that switchport.

Community Member

Re: CAT 3550 Permit Specific IP address on port

hello,

you can use the route policy for it.

Community Member

Re: CAT 3550 Permit Specific IP address on port

Thank you for the response. However, I believe the same that exists with ACL will exit with route policy. You still have to match some source/destination address. So if you lock down to the IP address of the router on that port you block out any transit traffic from behind it. If I am wrong please explain.

Thanks,

Jason

99
Views
0
Helpful
4
Replies
CreatePlease to create content