Port security, multiple MACS on multiple ports

Hi rcommchas

 

I just tested in the lab and I get the same error. I will investigate and raise to the appropriate team, internally. This is not the correct behaviour!

 

In the meantime, you can make an ACL to accomplish the same thing. Below is how you do it, from the CLI.
- Replace the mac addresses with the real mac addresses that you want to allow, of course :)
- I have bound the ACL on 5 ports here, port 1-5. You need to adjust to whatever ports you use.

- What this ACL will do is block all traffic on those port, unless the traffic comes from a mac address in the list.

- The mac mask of 00:00:00:00:00:00 you must use for each entry. It means only this mac addr.

 

(M5300-52G) >enable
(M5300-52G) #configure
(M5300-52G) (Config)#mac access-list extended mac-acl
(M5300-52G) (Config-mac-access-list)#permit AA:AA:AA:AA:AA:AA 00:00:00:00:00:00 any
(M5300-52G) (Config-mac-access-list)#permit BB:BB:BB:BB:BB:BB 00:00:00:00:00:00 any
(M5300-52G) (Config-mac-access-list)#permit CC:CC:CC:CC:CC:CC 00:00:00:00:00:00 any
(M5300-52G) (Config-mac-access-list)#permit EE:EE:EE:EE:EE:EE 00:00:00:00:00:00 any
(M5300-52G) (Config-mac-access-list)#permit EF:EF:EF:EF:EF:EF 00:00:00:00:00:00 any
(M5300-52G) (Config-mac-access-list)#exit
(M5300-52G) (Config)#interface 1/0/1-1/0/5
(M5300-52G) (Interface 1/0/1-1/0/5)#mac access-group mac-acl in 1
(M5300-52G) (Interface 1/0/1-1/0/5)#end

 

Cheers