Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Mac address filter in Catalyst 2900 XL 1

Status
Not open for further replies.
vacevedo

vacevedo

Technical User
Sep 18, 2002
6
0
0
MX
I have a group of mac addresses and I want only this group of mac addresses to have access to the switch ports I select.

I haven´t found a way to do it in a Cisco Catalyst 2900XL 24 port switch.

I'm using the 12.0(5.2)XU, MAINTENANCE IE, IOS version.

Thanks in advance.
 
Sort by date Sort by votes
Hi,

I guess that solution doesn't fit my requirements, because in a Catalyst 2900 that sentence will only control the amount of mac addresses permited for that interface or the action to take in a specific case.

But not for a group of mac addresses that is going to be in some ports.


Thanks a lot.
 
Upvote 0 Downvote
You could try using the command;
port block {unicast|multicast}

on the interface.. which prevents the switch from forwarding unknown packets onto the interface. Then you would have to define MAC address in the static arp cache i suppose..

just a suggestion perhaps worth trying, i have not tried this particular command myself.

cheers

joel
 
Upvote 0 Downvote
What you are trying to do is possible.

First you tell the interface how many macs it can have, then you configure the macs allowed.

---------------------------------------------
int fa0/1
port security max-mac-count 2
!
mac-address-table secure 0010.A47D.AD65 fa0/1
mac-address-table secure 0010.7DE0.B56C fa0/1
---------------------------------------------

There. I specified the macs allowed on the interface, and I specified the exact macs.

Isn't that what you are trying to do?
 
Upvote 0 Downvote
What you are trying to do is possible.

First you tell the interface how many macs it can have, > then you configure the macs allowed.

---------------------------------------------
int fa0/1
port security max-mac-count 2
!
mac-address-table secure 0010.A47D.AD65 fa0/1
mac-address-table secure 0010.7DE0.B56C fa0/1
---------------------------------------------

There. I specified the macs allowed on the interface, > and I specified the exact macs.

Isn't that what you are trying to do?
----------------------------------------
This works for one group of mac addresses and one interface, the problem is I need to use the same group
on several interfaces.

Any clue ?

Thanks.
 
Upvote 0 Downvote
I see,

Yeah, you will have to run the same config for each interface.
signature-tektips.gif
 
Upvote 0 Downvote
I see,

Yeah, you will have to run the same config for each interface.

---------------------
Hi again,

the detail is, that, when you run the same configuration in another interface, this overwrites the first one.

Can this I need, be done in my 24 port Catalyst 2900 with 12.0(5.2)XU, MAINTENANCE IE, IOS version ?

Thanks.


 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

bfordz
  • Locked
  • Question
new help on setting up third party VoIP phones through Catalyst 2960x switch
Replies
0
Views
53
bfordz
bfordz
NavinNet
  • Locked
  • Question
Why 2 different mac addresses of a server are being shown of CISCO 6509E Layer-3 Switch ?
Replies
0
Views
43
NavinNet
NavinNet
PThomp3344
  • Locked
  • Question
Trying to connect to Cisco Unified Controller web interface: UC520W-16U-4FXO-K9
Replies
1
Views
95
bdk76
bdk76
stanlyn
  • Locked
  • Question
HowTo Install Multiple PAP2T ATA Devices on Same Lan
Replies
3
Views
91
iggsterman
iggsterman
Willi DB
  • Locked
  • Question
Polycom410 Forward an incoming call
Replies
0
Views
44
Willi DB
Willi DB

Part and Inventory Search

Sponsor

Back
Top