Search this Blog

Sunday, June 6, 2010

How can we fix Ip-phone mac address to switch port in 4510-R SUP6-E?


We are noticing "someone" is moving ip-phones of meeting rooms (some of them are hands-free). To solve this issue, we want to fix ip-phone mac address to port switch. By this way, meeting rooms IP-phone will work only in fixed switch ports. If "someone" try to disconnect one IP-phone to connect it in another switch port, IP-phone didn??t work. What do you think is the best way to achieve our objective? We are thinking to use port-security in meeting rooms switch ports, but we don??t want to configure port-security in all switch ports (pc switch ports, printers switch ports,...). What is the behavior of port security if switch see Ip-phone mac address in a different port in which port security is not configured? IP-phone mac address could be blocked or allowed? Perhaps "mac address-table" command could be useful. Can you tell me you point of view about this issue?

For this you can use the command mac-address-table secure:

Example

Switch(config)# mac-address-table secure 00c0.00a0.03fa G1/1/1

The command will not allow the map address table to learn this specific MAC from any other port other than G1/1/1 interface.

No other changes are required on the switch.

You will have to enter one command per each phone's MAC associating it with the right port.

Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

1 comment :

  1. it does not work on Catalyst 3750, could you advise ? Thanks.

    ReplyDelete

 
/* Google Analytics begin ----------------------------------------------- */ /* Google Analytics end ----------------------------------------------- */