Configuring Ipsg For Static Hosts On A Layer 2 Access Port - Cisco Catalyst 4500 Series Configuration Manual
Release ios xe 3.3.0sg and ios 15.1(1)sg
Hide thumbs
Also See for Catalyst 4500 Series:
- Software configuration manual (2086 pages) ,
- Administration manual (1814 pages) ,
- Configuration manual (1254 pages)
Table of Contents
Advertisement
Chapter 50
Configuring DHCP Snooping, IP Source Guard, and IPSG for Static Hosts
Configuring IPSG for Static Hosts on a Layer 2 Access Port
You can configure IPSG for static hosts on a Layer 2 access port.
To enable IPSG for static hosts with IP filters on a Layer 2 access port, perform this task:
Command
Step 1
Switch(config)# ip device tracking
Step 2
Switch(config)# ip device tracking [probe {count
count | interval interval}]
Step 3
Switch(config)# ip device tracking [probe {delay
interval}]
Step 4
Switch(config)# interface fastEthernet a/b
Step 5
Switch(config-if)# switchport mode access
Step 6
Switch(config-if)# switchport access vlan n
Step 7
Switch(config-if)# ip device tracking maximum n
Step 8
Switch(config-if)# switchport port-security
Step 9
Switch(config-if)# switchport port-security
maximum n
Step 10
Switch(config-if)# ip verify source tracking
[port-security]
Step 11
Switch(config-if)# end
Step 12
Switch# show ip verify source interface-name
Step 13
Switch# show ip device track all
[active | inactive] count
OL-25340-01
Purpose
Turns on the IP host table.
(Optional) Configures these parameters for the IP device
tracking table:
•
count—Number of times that the switch sends the
ARP probe. The range is 1 to 5. The default is 3.
•
interval—Number of seconds that the switch waits
for a response before resending the ARP probe. The
range is 30 to 300 seconds. The default is 30
seconds.
(Optional) Configures the optional probe delay
parameter for the IP device tracking table:
interval—Number of seconds that the switch delays
•
sending an ARP probe, triggered by link-up and
ARP probe generation by the tracked device. The
range is 1 to 120 seconds. The default is 0 seconds.
Enters IP configuration mode.
Configures a port as access.
Configures the VLAN for this port.
Establishes a maximum limit for the bindings on this
port.
Upper bound for the maximum is 10.
(Optional) Activates port security for this port.
(Optional) Establishes a maximum number of MAC
addresses for this port.
Activates IPSG for static hosts on this port.
Exits configuration interface mode.
Verifies the configuration.
Verifies the configuration by displaying the IP-to-MAC
binding for a given host on the switch interface.
all active—Displays only the active IP-to-MAC
•
binding entries.
•
all inactive—Displays only the inactive IP-to-MAC
binding entries.
•
all—Displays the active and inactive IP-to-MAC
binding entries.
Software Configuration Guide—Release IOS XE 3.3.0SG and IOS 15.1(1)SG
Configuring IP Source Guard for Static Hosts
50-25
- Quick Links:
- Resetting a Switch to Factory Default...
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
