I have a 200 node network. Is there any way to get the MAC address of all the end nodes from the switch? How can I provide access to network with know MAC address list? I have to prevent visitors plugging their laptop into our network.
Q: Is there any way to get the MAC address of all the end nodes from the switch?
A: From the switch, issue command 'show arp' or 'show mac-address-table'.
Q: How can I provide access to network with know MAC address list? I have to prevent visitors plugging their laptop into our network.
A: So far, MAC address suthentication is only available for wireless AP only. But you can use feature called 802.1x (switch port authentication)
With this, any machine connected to your faceplate/network (which is connected to switchport enabled with 802.1x) will get authentication prompt. User need to use their own user ID & password. This will prevent anyone, including visitors to easily gain access to your network.
But to achieve this, you need authentication server like Cisco ACS. 802.1x uses radius authentication protocol. Enable aaa authentication your switch as well.
You can refer to the following links on how to configure 802.1x for access devices:
For smaller network, if you do not have authentcation/radius server, you probably can register mac addresses in the switchport, BUT this is a less-preferred solution. Imagine of you have 20 hosts and switch with 24-ports. You need to key in 20 times of MACS each port!
Enter configuration commands, one per line. End with CNTL/Z.
ACL range/ID for MAC:
<700-799> 48-bit MAC address access list
<1100-1199> Extended 48-bit MAC address access list
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...