Extreme Networks

Create Date: Jan 4 2013 10:04PM

This method is not very slow as ACLs are implemeted on the hardware though 48 ACLs would be a pain to configure considering u have 48 ports. The other way I can think is have static arp bindings and not allow dynamic arp learning from those ports or that VLAN. Not sure if it's possible though. Just a thought and it would definitely not be recommended.

The other thing that you can do which would be an easier implementation for me is have DHCP bindings. I think you can implement this on windows DHCP server. IP/MAC binding on DHCP server could be done. So whenever MAC X asks for IP to the DHCP it only gets Y . You would need a windows 2008 server to achieve this. I am not very sure on this either but I think our systems team had done something similar for few hosts on the network (from Arpit_Bhatt)

Create Date: Jan 4 2013 9:11AM

arbhatt wrote:
From what I understand you want a particular MAC be allowed on a particular port and not the others something like switchport security. Is that correct?

Check out MAC based 802.1X authentication and let me know if that's the thing that you were looking to achieve. I have already done MAC Binding, i.e., each port is now bound to a particular MAC Address. Now, I want to bind each port/MAC to its own IP Address. We are using a static addressing scheme, and need to ensure that each user uses only the IP Address assigned to him.

thanks 🙂

(from vikram_nair)

Create Date: Jan 3 2013 11:52PM

From what I understand you want a particular MAC be allowed on a particular port and not the others something like switchport security. Is that correct?

Check out MAC based 802.1X authentication and let me know if that's the thing that you were looking to achieve. (from Arpit_Bhatt)