HP 6125XLG R2306-HP 6125XLG Blade Switch Security Configuration Guide - Page 175
Configuration procedure, Con Switch
View all HP 6125XLG manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 175 highlights
• On port Ten-GigabitEthernet 1/1/5 of Switch A, only IP packets from Host A can pass. • On port Ten-GigabitEthernet 1/1/6 of Switch B, only IP packets from Host A can pass. • On port Ten-GigabitEthernet 1/1/5 of Switch B, only IP packets from Host B can pass. Figure 57 Network diagram Configuration procedure 1. Configure Switch A: # Configure IP addresses for the interfaces. (Details not shown.) # Enable IPv4 source guard on port Ten-GigabitEthernet 1/1/6. system-view [SwitchA] interface ten-gigabitEthernet 1/1/6 [SwitchA-Ten-GigabitEthernet1/1/6] ip verify source ip-address mac-address # On Ten-GigabitEthernet 1/1/6, configure a static IPv4 source guard binding entry to allow only IP packets with the source MAC address of 0001-0203-0405 and the source IP address of 192.168.0.3 to pass. [SwitchA-Ten-GigabitEthernet1/1/6] ip source binding ip-address 192.168.0.3 mac-address 0001-0203-0405 [SwitchA-Ten-GigabitEthernet1/1/6] quit # Enable IPv4 source guard on port Ten-GigabitEthernet 1/1/5. [SwitchA] interface ten-gigabitEthernet 1/1/5 [SwitchA-Ten-GigabitEthernet1/1/5] ip verify source ip-address mac-address # On Ten-GigabitEthernet 1/1/5, configure a static IPv4 source guard binding entry to allow only IP packets with the source MAC address of 0001-0203-0406 and the source IP address of 192.168.0.1 to pass. [SwitchA-Ten-GigabitEthernet1/1/5] ip source binding ip-address 192.168.0.1 mac-address 0001-0203-0406 [SwitchA-Ten-GigabitEthernet1/1/5] quit 2. Configure Switch B: # Configure an IP address for each interface. (Details not shown.) # Enable IPv4 source guard on port Ten-GigabitEthernet 1/1/6. system-view [SwitchB] interface ten-gigabitEthernet 1/1/6 [SwitchB-Ten-GigabitEthernet1/1/6] ip verify source ip-address mac-address 166