eemoon
asked on
mac-address table can be used in control-plane to restrict/allow specific user's pc log in router/switch ?
Hi I would like to setup mac-address acl in control-plane in order to restrict/allow specific user's pc log in router/switch. If I attach the mac-address acl to vty, it looks like it could not work. So I want to attach it to control-plane. Do you think it is Ok ?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi Thank you so much for your fast reply.
I am sorry that I typed wrong. The title should be "mac-address acl can be used in control-plane to restrict/allow specific user's pc log in router/switch? "
I am sorry that I typed wrong. The title should be "mac-address acl can be used in control-plane to restrict/allow specific user's pc log in router/switch? "
Doing this with COPP is a lot of work with no benefit.If we do not use Copp, how can we resolve this issue ?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thank you so much for your suggestion !
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
The MAC address table is in a router but is not a very secure way of prohibiting a guest or allowing a guest. MAC filtering normally excludes all but listed guests.
I normally secure the server against undesired logins (that is, make server access secure). That way, if a user has a machine they attach to the network, then they need network credentials to logon to the network devices and cannot if they do not have the credentials.
Wireless routers are very secured against unauthorized access.
None of the above is done via Control Panel, however.