21 a4bb.6d10.5555 DYNAMIC Gi2/0/3 DYNAMIC Gi2/0/3 MAC Address Method Domain Status Fg Session ID-Gi2/0/3 a4bb.6d10.5555 dot1x DATA Auth 0A67FE04000004FE7E292422 Gi2/0/3 0004.f2aa.1111 N/A UNKNOWN Unauth 0A67FE04000004FF7E292D25. #show mac address-table int g2. Figure 50: The following example binds a LAN host’s MAC Address to an IP address served by DSR. If there is an IP/MAC Binding violation, the violating packet will be dropped.

Manual Dynamic Mac Address App

In this lab I used a Cisco Catalyst WS-C3560G-24TS switch [IOS Version 12.2(40)SE]. Using Cisco Port Security it is possible to associate a static MAC address to a physical port on a switch. This only allows one host with that specific MAC address to connect physically to the specified port. The interface configuration command you would use to accomplish this and shutdown the port if the rule is violated is:

Manual Dynamic Mac Address Labels

– switchport port-security mac-address [host_mac_address]
– switchport port-security violation shutdown

However, if you are attempting to assign static MACs to many ports, this can quickly become tedious and a dynamic approach would be more appropriate. The more efficient way to accomplish the task would be to apply the below commands using the “range” command option on all interested interfaces. This will permanently associate the first MAC address learned on the port to that port. If another host attempts to connect to the port after the association is made, the port will be shutdown. In the example below I demonstrate with GigabitEthernet ports 1 – 24.

Cisco Port Security with Dynamic MAC Address Learning