At one of our remote sites, I implemented port security. There are 20 users, 2 printers, and a router. At this location, I have a Catalyst 2950.
I first enabled port security with the "sticky" option to learn the Mac
addresses of the pc connected to the interfaces. I then changed the
interface statement removing the "sticky" option. I did this because,
the Mac addresses learned while in sticky mode are not retained during a reload.
2 of the workstations were laptops. The users of these laptops wanted mobility to move their laptop from their office to a conference room.
Can you imagine!
I needed ( actually, my boss demanded) to have port security. Cisco ios would allow a Mac address to be assigned only to a single interface. Oh my! What should I do?
I reserved the IP address of these laptops in the DHCP server. Then I implemented an IP address ACL on the interface connected to the conference room.
The result .....
My boss is happy. Yes!
The users are happy. Well this is good also.
I am happy. I was able to dust off my ACL skills
Keep Up with TechRepublic