Locking ports according to classification rule – Enterasys Networks 2200 User Manual

Example 8, Locking a MAC Address to a Port Using Classification Rules

12-46

VLAN Operation and Network Applications

In this example, the AppleTalk traffic is routed only to AppleTalk users (ports 1, 2, 5, and 6), while
IP traffic is allowed to be seen by IP users (ports 3, 4, and 7) and by IP/AppleTalk users (ports 1, 2,
5, and 6).

12.19 EXAMPLE 8, LOCKING A MAC ADDRESS TO A PORT USING

CLASSIFICATION RULES

The following example illustrates how to add security by “locking” an individual MAC address to
a port on the SmartSwitch device. This would typically be done to ensure that only a particular
device can gain access to the network from a specific port. Traffic received by the switch from any
MAC address other than the one assigned to the “locked” port will be discarded.

In this example, illustrated in

Figure 12-26

, Switch S1 will be configured to lock ports 1 and 2 to

the source address 00.00.00.00.00.0A and 00.00.00.00.00.0B of Workstation 1 and 2, respectively.

Figure 12-26

Locking Ports According to Classification Rule

4046_25

S1

Port 1

Port 2

Locked

Ports

Uplink to Network

00.00.00.00.00.0B

Workstation 2

00.00.00.00.00.0A

Workstation 1