Allow Only Certain MAC Addresses to Access Switchport
Posted by Tres Mon, 03 Jul 2006 15:54:00 GMT
In a school or business setting it is a good idea to secure switchports so that only certain MAC addresses will work.
This is, of course not foolproof, but it does make it so that a policy of “company only” computers is easier to enforce on the network. If a nefarious employee or student decides to, they can still gain access to the network. But with physical access to machines, if there’s a will there’s always a way.
interface FastEthernet0/5
switchport mode access
switchport port-security
switchport port-security aging time 2
switchport port-security violation restrict
switchport port-security aging type inactivity
switchport port-security mac-address 000d.565d.000c
mls qos cos override
macro description cisco-desktop
spanning-tree portfast
spanning-tree bpduguard enable