從MAC卡號找CISCO Port號與對應IP位址
MAC1(盜用者)0014.7cbb.de35
MAC2(正常者)0000.746f.4566
以上二台搶203.64.153.186IP位址,處理方式如下。
MAC2(正常者)0000.746f.4566
以上二台搶203.64.153.186IP位址,處理方式如下。
c3750g#show mac address-table address 0014.7cbb.de35
Mac Address Table
——————————————-
Mac Address Table
——————————————-
Vlan Mac Address Type Ports
—- ———– ——– —–
1 0014.7cbb.de35 DYNAMIC Gi1/0/27
Total Mac Addresses for this criterion: 1
—- ———– ——– —–
1 0014.7cbb.de35 DYNAMIC Gi1/0/27
Total Mac Addresses for this criterion: 1
找找Gi1/0/27所連交換器是什麼型號
c3750g#show cdp nei
Capability Codes: R – Router, T – Trans Bridge, B – Source Route Bridge
S – Switch, H – Host, I – IGMP, r – Repeater, P – Phone,
D – Remote, C – CVTA, M – Two-port Mac Relay
Capability Codes: R – Router, T – Trans Bridge, B – Source Route Bridge
S – Switch, H – Host, I – IGMP, r – Repeater, P – Phone,
D – Remote, C – CVTA, M – Two-port Mac Relay
Device ID Local Intrfce Holdtme Capability Platform Port ID
HP8000M02(0001e7-4db400)
Gig 1/0/23 172 S HP 8000M A1
Switch Gig 1/0/28 127 S I WS-C2950G Gig 0/1
cisco-2916xl Gig 1/0/24 123 S WS-C2916M Gig 2/1
HP8000M02(0001e7-4db400)
Gig 1/0/23 172 S HP 8000M A1
Switch Gig 1/0/28 127 S I WS-C2950G Gig 0/1
cisco-2916xl Gig 1/0/24 123 S WS-C2916M Gig 2/1
以上代表找不到型號,通常表示所接switch是非管理類型。
c3750g#sh arp | include 0014.7cbb.de35
Internet 203.64.153.186 0 0014.7cbb.de35 ARPA Vlan1
強制IP-MAC Binding方式解決:
c3750g(config)#arp 203.64.153.186 0000.746f.4566 arpa
c3750g#sh arp | include 0000.746f.4566
Internet 203.64.153.186 – 0000.746f.4566 ARPA
c3750g#
Internet 203.64.153.186 – 0000.746f.4566 ARPA
c3750g#
沒有留言:
張貼留言