Switch Port Security
If you want to ensure that only a certain device - for example, a server - is plugged into a particular switch port, you can configure associate MAC address of the server with that switch port. Switch will reject traffic with a MAC address other than that of the server.
Switch(config)#interface fa 0/1
Switch(config-if)#switchport mode access
Switch(config-if)#switchport port-security mac-address 0030.A3DD.BB7E
Considering the figure shown above, ping from PC2 (1.1.1.4) to Server0 (1.1.1.2) will be successful.
Now consider the figure show below. Ping from PC2 to Server1 will fail because Server1 has MAC address different than 0030.A3DD.BB7E.
Last modified: Tuesday, 5 May 2020, 9:44 AM