Port security on Catalyst 3560 switch.

I have a Catalyst 3560 switch. I want to block a port to only allow traffic from 1 MAC address. How do I do this?
LVL 1
Neptune ITAsked:
Who is Participating?
 
ffleismaConnect With a Mentor Senior Network EngineerCommented:
Switch(config)#interface FastEthernet X/X
Switch(config-if)#switchport mode access
Switch(config-if)#switchport port-security
Switch(config-if)#switchport port-security maximum 1
Switch(config-if)#switchport port-security mac-address 0006.5b02.a841
Switch(config-if)# switchport port-security violation {shutdown | restrict | protect}

shutdown - port goes to err-disable
restrict - port stays up but packets are droped and can send SNMP trap and syslog
protect - port stays up but packets are droped, no record is kept or syslog message sent

you can also try
Switch(config-if)#switchport port-security mac-address sticky
instead of
Switch(config-if)#switchport port-security mac-address
command.

with sticky option, the switch gets and stores the mac-address of the first device you plug-in

hope this helps :-)
0
 
Jimmy Larsson, CISSP, CEHNetwork and Security consultantCommented:
interface FastEthernet0/4
 switchport mode access
 switchport port-security
 switchport port-security maximum 1

end


/Kvistofta
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.