From: Syv Ritch (syv@911networks.com)
Date: Mon Mar 17 2003 - 15:52:38 GMT-3
On Monday, March 17, 2003, ccie1@hotmail.com wrote:
-----Original Message-----
chc> I want to only allow mac-address 0800.E4D3.A2D1 with ip address 12.3.1.1 on
chc> port fast-etjhernet 0/16 on my 3550. The requirement is to not use layer 3 or
chc> layer 2 access-lists. I tried using port-security with the mac-address but
chc> that doesnt seem to work. Does anyone have any ideas on how to do this?
What about:
!vmps domain <domain-name>
! The VMPS domain must be defined.
!vmps mode {open | secure}
! The default mode is open.
!vmps fallback <vlan-name>
!vmps no-domain-req { allow | deny }
!
! The default value is allow.
vmps domain DSBU
vmps mode open
vmps fallback default
vmps no-domain-req deny
!
!
!MAC Addresses
!
vmps-mac-addrs
!
! address <addr> vlan-name <vlan_name>
!
address 0012.2233.4455 vlan-name hardware
address 0000.6509.a080 vlan-name hardware
address aabb.ccdd.eeff vlan-name Green
address 1223.5678.9abc vlan-name ExecStaff
address fedc.ba98.7654 vlan-name --NONE--
address fedc.ba23.1245 vlan-name Purple
!
!Port Groups
!
!vmps-port-group <group-name>
! device <device-id> { port <port-name> | all-ports }
!
vmps-port-group WiringCloset1
device 198.92.30.32 port 0/2
device 172.20.26.141 port 0/8
vmps-port-group "Executive Row"
device 198.4.254.222 port 0/2
device 198.4.254.222 port 0/3
device 198.4.254.223 all-ports
-- Thanks syv@911networks.com
This archive was generated by hypermail 2.1.4 : Sat Apr 05 2003 - 08:51:41 GMT-3