1. Problem Description
The IP address on the switch is bound to the MAC address to establish an access control list. Only approved PCs can access the network.
2. Solutions
Create an access control list
> System-view: enters system mode.
] Acl number 6000 create an access control list
] Rule 0 deny ip first Disables any IP Address
] Rule 1 permit ip source 1.1.1.111 0 destination 1.1.1.222 0 allow the source ip address to access the destination IP address
] Rule 2 permit icmp source 1.1.1.111 0 destination 1.1.2.0 0.0.0.255 allow the specified ip address and host ICMP in the specified network
Apply the access control list on the ports of the downlink L2 Switch
] Interface Ethernet1/0/48
] Port access vlan id
] Am user-bind mac-addr 6cf0-4987-cdee ip-addr x. x
] Packet-filter inbound ip-group 6000 rule 0
] Packet-filter inbound ip-group 6000 rule 1
] Quit
> Save
From sustwct's column