HPE Community
Switches, Hubs, and Modems
1753663 Members
5709 Online
108798 Solutions
New Discussion юеВ

Re: Question about PCM

 
KSimpson
Frequent Advisor

тАО03-12-2009 05:46 AM

тАО03-12-2009 05:46 AM

Question about PCM

Is there a way for PCM to detect multiple MACs on a port at the same time?
0 Kudos
7 REPLIES 7
cenk sasmaztin
Honored Contributor

тАО03-13-2009 03:51 AM

тАО03-13-2009 03:51 AM

Re: Question about PCM

clik find node tab and write switch ip address on find ip

you see all mac address on switch port same time
cenk

0 Kudos
Javed Padinhakara
Respected Contributor

тАО03-13-2009 06:38 AM

тАО03-13-2009 06:38 AM

Re: Question about PCM

@KSimpson: On some PCM GUI flows, multiple MAC's would be detected, but may get filtered out,depending on the flow - so could you be more specific: are you looking out for some place where multiple mac's learnt on the port are displayed or something else?
For example in Port Access Tab, under the Port List tab, if there are multiple user-sessions(with different mac's), then this is one place such an information would be shown - via the User Sessions window launchable from this tab.
0 Kudos
KSimpson
Frequent Advisor

тАО03-16-2009 09:01 AM

тАО03-16-2009 09:01 AM

Re: Question about PCM

Yes, that would be what I'm looking for but I was wanted to set up a policy that could detect multiple MAC addresses on a any given port. I guess it's not a major problem, I can just set the ports to be limited-continous and it set it to the number I want. I was going to set it up to detect soho switches/routers.

One other question. When I set a port to limited-continous 1, is there a way to see what mac address is associated to that port other than show mac-addr eth "portnum". I have a device connected to a port but I'm not able to see the mac address on that port.

If a device is connected to the port with port security enabled, it should keep record of the 1st mac address that receives link on that port. So, if it has link but isn't talking, how does it know if another mac is associated to that port and is it the 1st mac?

I hope this makes sense. If not, Ill try to explain it a little better.

Thanks,
0 Kudos
Javed Padinhakara
Respected Contributor

тАО03-16-2009 09:36 PM

тАО03-16-2009 09:36 PM

Re: Question about PCM

>>I have a device connected to a port but I'm not able to see the mac address on that port.
If lldp is enabled, then 'show lldp info remote-device could get you the mac address ( check the "ChassisId" string ).

Also in PCM, if you right click a device in the tree and launch "Port Classification" - one can see the mac-address of the device on the other end of the link.
0 Kudos
KSimpson
Frequent Advisor

тАО03-25-2009 07:22 AM

тАО03-25-2009 07:22 AM

Re: Question about PCM

Thanks very much! Sorry it's a late reply. I've been very busy and I havent looked into this since. The reason I was asking is because I was wanting to detect multiple MAC on a port at the same time (indicating possible rouge AP/Switch) then I would be able to limit the port security to 1 mac as a solution. I could just set all the edge port to limited-continuous. It was just something I was looking into.

Thanks agian!

Another question...

Where are the config scans stored at? I know I can export the configs but when you have 2-3 configs for 500+ switches and only need the lastest config, it takes a while to get the ones you need.
0 Kudos
KSimpson
Frequent Advisor

тАО04-07-2009 12:55 PM

тАО04-07-2009 12:55 PM

Re: Question about PCM

Well, I created a script to read through the folder and copy the most recent config to a new folder. This is the best way I know know. Anytime I export the configs, it exports all the config it has stored. This means in my situtation 1 or 4 configs per switch and when you have a lot of switches, you have a ton of configs. The hardware and ROm configuartion isn't that bad because I can sort by the config type.

-------------------------------------------

On to another question. How would I create a policy to alert me when a particluar MAC Address connects to the network. I have a policy created to alert me via dialog box and email but I'm not getting it when the MAC address connects. For test purposes, in my Alert Filter tab, I checked "has severity" of < Critical and "contains" e. Since the letter e is everywhere I thought most everything will trigger and I would get to see what smnp string is being sent. However, when I add the MAC address to the "contains" field, it doesn't trigger. I'm assuming this is because the smnp sting doesn't contain the MAC address. How would I get this to work?

Thanks to everyone!
0 Kudos
KSimpson
Frequent Advisor

тАО04-30-2009 07:11 AM

тАО04-30-2009 07:11 AM

Re: Question about PCM

Thanks for everyone input!
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.