Monitoring layer-2 security filters, Layer-2 filter examples, Example 1: address filters – Cabletron Systems SMARTSWITCH ROUTER 9032578-05 User Manual

SmartSwitch Router User Reference Manual

283

Chapter 20: Security Configuration Guide

Monitoring Layer-2 Security Filters

The SSR provides display of Layer-2 security filter configurations contained in the routing
table.

To display security filter information, enter the following commands in Enable mode.

Layer-2 Filter Examples

Figure 24. Source Filter Example

Example 1: Address Filters

Source filter:

The consultant is not allowed to access any file servers. The consultant is

only allowed to interact with the engineers on the same Ethernet segment – port et.1.1.
All traffic coming from the consultant’s MAC address will be dropped.

Show address filters.

filters show address-filter

[all-source|all-destination|all-flow]
[source-mac

dest-mac

]

[ports

] [vlan

]

Show port address lock
filters.

filters show port-address-lock ports

[ports

] [vlan

]

[source-mac

]

Show secure port filters.

filters show secure-port

Show static entry filters.

filters show static-entry

[all-source|all-destination|all-flow]
ports

vlan

[source-mac

dest-mac

]

et.1.1

et.1.2

et.1.3

Hub

Engineers,
Consultant

Engineering
File Servers

Finance
File Servers

SSR

filters add address-filter name consultant source-mac 001122:334455

vlan 1 in-port-list et.1.1