On 2007-11-29 17:49, Mire, John wrote: > We blackhole in the core 6509s using the mac address along with port security > on the access layer with only one(1) MAC address association per port,
In that case, setting static arp entries on the firewall and disabling native arp on the protected interface(s) should do the trick. Prolly the easiest effective option. -- Jefferson Ogata <[EMAIL PROTECTED]> NOAA Computer Incident Response Team (N-CIRT) <[EMAIL PROTECTED]> "Never try to retrieve anything from a bear."--National Park Service
