Unsolved

May 24th, 2006 20:00

How to define MAC ACL list in 3448 switch.

I have several 3448 switches and we want to limit traffic to only MAC addresses defined in the switches. Currently it does not look like a single entry of MAC addresses can be done. I don't think the 3448 will let me configure it that way. I need all traffic to be dropped unless allowed in the switch by MAC address. I could only find a "deny" command line reference for this switch. Do I need to purchase different hardware to accomplish this? It was also specified that I can only make entries by port. I need to make a single entry that allows only the traffic defined in the MAC filtering option. Is this possible with the 3448?

May 25th, 2006 08:00

You have a few options but I'm not sure if these will work for your specific needs.

1. MAC Based ACLs: The PowerConnect™ 3424 / 3448 series has the capability to filter out traffic from specific MAC addresses on the network. You can only use the 'Deny' MAC address; there is no 'Permit' option.

2. Port Security: Port security prevents unauthorized access of a port by securing a list of specific MAC addresses to a port. If the switch sees a MAC address that is not on the secured list, it executes a defined action (for example, discard the frame and shut down the port).
This feature is used to increase security by limiting access on a specific port only to users with known source MAC addresses. These addresses are either manually defined on the port, or learned on that port prior to the point when the port is locked.
These MACs are assigned on a per-port basis; you cannot specify a general pool of MACs and reference it.

3. 802.1x Port Authentication: Port-based authentication enables authenticating system users on a per-port basis via an external server. Only authenticated and approved system users can transmit and receive data. Ports are authenticated via the RADIUS server.


Hope this helps.
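A simplified model of the port security behaviour described in the reply above, as an added example that is not part of the original posts and is not Dell code. It shows that secured addresses are held per port, that an address learned before the lock stays trusted afterwards, and how a discard action differs from discard plus shutdown; the class, method and action names are assumptions for illustration, not PowerConnect CLI commands, and the MAC addresses are constructed.

```python
# Simplified model of per-port port security (names are illustrative, not PowerConnect CLI).
from dataclasses import dataclass, field

DISCARD, DISCARD_SHUTDOWN = "discard", "discard-shutdown"

@dataclass
class SecurePort:
    name: str
    action: str = DISCARD
    locked: bool = False
    shutdown: bool = False
    secured: set = field(default_factory=set)  # MACs allowed on this port only

    @staticmethod
    def norm(mac: str) -> str:
        digits = "".join(c for c in mac.lower() if c in "0123456789abcdef")
        if len(digits) != 12:
            raise ValueError(f"not a MAC address: {mac!r}")
        return digits  # same key for 00:11:.., 00-11-.. and 0011.2233.. forms

    def add_static(self, mac: str) -> None:
        self.secured.add(self.norm(mac))

    def receive(self, src_mac: str) -> str:
        mac = self.norm(src_mac)
        if self.shutdown:
            return "dropped (port down)"
        if not self.locked:
            self.secured.add(mac)  # learned before the lock: trusted from now on
            return "forwarded (learned)"
        if mac in self.secured:
            return "forwarded"
        if self.action == DISCARD_SHUTDOWN:
            self.shutdown = True  # violation also disables the port
        return "discarded"

def demo():
    # Constructed sample addresses and port names
    p1, p2 = SecurePort("e1", DISCARD), SecurePort("e2", DISCARD_SHUTDOWN)
    p1.add_static("00:11:22:33:44:55")
    early = p1.receive("00-AA-BB-CC-DD-EE")   # device present before the lock
    p1.locked = p2.locked = True
    return [early,
            p1.receive("0011.2233.4455"),      # manually defined on e1
            p1.receive("00:aa:bb:cc:dd:ee"),   # learned on e1 before the lock
            p1.receive("02:00:00:00:00:01"),   # unknown source on e1
            p2.receive("00:11:22:33:44:55"),   # secured on e1, but not on e2
            p2.receive("00:11:22:33:44:55"),   # e2 was shut down by the violation
            ]
```

The third result is the practical caveat: anything connected to a port before it is locked ends up on that port's secured list, so the learned entries are worth reviewing before locking.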
