Hi,
My goal is to block all traffic or to shut down a switch port (or otherwise block), if a specific MAC address is plugged into the switch.
(For background, my exact scenario is: at times a user will plug in a rogue DHCP server, at which point my router sends me an alert. I then remotely track down the specific switch port the user plugged the rogue DHCP server into and then shut down that switch port, until I get a phone call ("my internet/wall jack isn't working!"). I'd much rather be able to block the MAC address of that rogue DHCP server's Ethernet port (usually the LAN port(s) on a Wi-Fi router), so that the user will hopefully try other Ethernet ports on their router (until they find the proper WAN/Internet port, which they should have been using all along), or the user will try other non-DHCP-server devices, both of which could avoid a phone call to network support, which is the result when their port is fully shut down.)
All of my research has led me to examples or solutions on other models of Cisco switches with this command (this command, if it worked on my version/model, would accomplish my goal):
mac-address-table static C056.27C5.3E2A fastEthernet 0/22 vlan 1 drop
However, on my switch, when I try to get this command, here are the results:
ARW_3548(config)#mac-address-table static 00e0.b8b8.1c61 ? <cr>
FastEthernet FastEthernet IEEE 802.3
ARW_3548(config)#mac-address-table static 00e0.b8b8.1c61 fastEthernet 0/22 ? <cr>
FastEthernet FastEthernet IEEE 802.3
vlan vlan name
ARW_3548(config)#mac-address-table static 00e0.b8b8.1c61 fastEthernet 0/22 vlan 2 ? <cr>
(Hitting Enter to execute the command will add an entry to my running-config, but it does not block the MAC address in any way.)
Static, dynamic or sticky port security doesn't seem to address my specific issue either (my issue being knowing a MAC address that you want to block, ahead of time).
Can anyone help with this or point me in the right direction? There just must be a way to block a MAC address from even these earlier Cisco 2924 switches. Thanks
Relevant version info, output of # Sh Ver from my switch (I also have 1900 series switches in use):
IOS (tm) C2900XL Software (C2900XL-C3H2S-M), Version 12.0(5.2)XU, MAINTENANCE INTERIM SOFTWARE
System image file is "flash:c2900XL-c3h2s-mz-120.5.2-XU.bin"
cisco WS-C2924-XL