MAC Based Access-Control
Ever faced a situation where you have your servers in a single VLAN (same subnet) and you want to prevent them from talking to each other? You may want to do this for security purposes: if any one of the servers gets infected, you don't want the infection to spread to the others. However, each product has its own way of doing things.
So for a Cisco 6500 switch, you do it as below:
For Catalyst OS:
set security acl mac <AclName> deny <FirstServerMacAddress> <SecondServerMacAddress>
commit security acl <AclName>
Take a peek at this config guide on the Cisco site.
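The two commands above cover a single pair of servers; isolating a whole group needs an entry for every pair. The Python script below is an added example, not part of the original post or of Cisco's documentation, that expands a list of server MACs into those entries using the post's command form. The ACL name, the sample MACs, the dash-separated MAC notation and the choice to emit both directions of each pair are assumptions.

```python
import re
from itertools import permutations


def normalize_mac(mac):
    """Accept colon, dash or dotted notation; return dash-separated lowercase.

    The dash-separated output form is an assumption about what the switch expects.
    """
    digits = re.sub(r"[-:.]", "", mac.strip().lower())
    if not re.fullmatch(r"[0-9a-f]{12}", digits):
        raise ValueError(f"not a MAC address: {mac!r}")
    # A server NIC is a unicast address: the low bit of the first octet must be 0.
    if int(digits[:2], 16) & 1:
        raise ValueError(f"multicast/broadcast address: {mac!r}")
    return "-".join(digits[i:i + 2] for i in range(0, 12, 2))


def build_acl(acl_name, server_macs):
    """Return the command lines that deny traffic between every pair of servers."""
    if not re.fullmatch(r"[A-Za-z0-9_-]+", acl_name):
        raise ValueError(f"unsafe ACL name: {acl_name!r}")
    macs = [normalize_mac(m) for m in server_macs]
    if len(macs) < 2:
        raise ValueError("need at least two servers to isolate")
    if len(set(macs)) != len(macs):
        raise ValueError("duplicate MAC address in server list")
    # Assumption: one entry matches one direction (source, then destination),
    # so both orderings of each pair are emitted: n * (n - 1) entries in total.
    lines = [
        f"set security acl mac {acl_name} deny {src} {dst}"
        for src, dst in permutations(macs, 2)
    ]
    lines.append(f"commit security acl {acl_name}")
    return lines


# Constructed sample input: three servers written in three common notations.
SAMPLE_MACS = ["00:11:22:33:44:01", "0011.2233.4402", "00-11-22-33-44-03"]

if __name__ == "__main__":
    print("\n".join(build_acl("SERVER_ISOLATE", SAMPLE_MACS)))
```

Three servers already produce six deny entries, and the count grows as n × (n − 1), which is worth weighing before applying this approach to a large server VLAN.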
Rajeshji,
I am trying to set up Dot1x authentication for our company wired users. Got one Cisco 3560 switch as RADIUS client, ISA as RADIUS server and using Windows XP as client. Configuration done in switch to enable Dot1x authentication.
In XP we use Authentication as MD5 – Challenge. Now when I connect to the switch port it is immediately asking for username and password, but after giving the credentials it is rejecting the request.
Using MD5 challenge authentication in XP, can I achieve the port authentication?
Thanks
Shibu
ss.shibu@gmail.com