Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

router securtiy

I want to limit 10 specific devices to route traffic over router. Can I achive this using statis arp entries somehow?

thanks!

3 REPLIES
Purple

Re: router securtiy

Static ARP entries will simply mean that the router will not send out ARPs requesting the MAC addresses of these devices.

The better alternative is to simply use an access-list to explicitly permit traffic to/from IP addresses belonging to these devices.

Paresh

New Member

Re: router securtiy

ok, so IP access list and static arp can make no other device with different MAC can use specific IP address?

Re: router securtiy

Hi ,

I think it would be better for you to use both , mac address mapping to the ip address and using an access-list allowing the needed ips .This may restrict the users to change the ip of their own machines for accessing certain sites ,as the access-list would allow , but mac-address mapping would not allow.

Hope this helps.

regards

vanesh k

216
Views
0
Helpful
3
Replies
CreatePlease to create content