Aruba & ProVision-based

Re: Only allowing certain mac addresses on switch

 
cgbullock
Occasional Contributor

Only allowing certain mac addresses on switch

We are going to be sharing an office with another company and I would like to set some rules on my switches to only allow devices that I know about.  We plan to connect to the office using Metro Ethernet from our ISP so this will be a Layer 2 connection with no firewalls.  We plan to have about 4 devices at the location, printer, IP phone, 2 desktops.  I plan to "disable" the ports not in use, but I want to lock down the switch so that someone can not take an IP address on the same VLAN and swap out a network cable with our equipment.

I have looked at static-mac but that doens't seem to do what I would like it to do.

Regards,

Chris

1 REPLY 1
LorenzoCastro
Frequent Advisor

Re: Only allowing certain mac addresses on switch

Hi Chris,  have you taken a look at port security with the port-security command?  With this you can setup up each port with a static mac address and force a few different responses if the mac isn't specified.

 

Hope that helps,

 

Lorenzo