How to setup ip-mac binding in your switch?

For security purpose, you might want to bind ip address with MAC address for client devices. There are several IP-mac binding solutions, including ARP binding, port-based binding…

In this post, I will introduce the steps to setup port-based IP-MAC binding in your switch.

1. Cisco 2950

Syntax of cisco 2950 port-based IP-MAC binding.
Switch#config terminal
Switch(config)#Interface fastethernet 0/1
Switch(config-if)#switchport port-security mac-address xxxx.xxxx.xxxx ip-address 192.168.x.x

2. Huawei S5700

Syntax of Huawei S5700 port-based IP-MAC binding.
#interface GigabitEthernet 1/0/1
#user-bind mac-addr xxxx-xxxx-xxxx ip-addr 10.100.11.2

Other models have similar syntax. Port-based binding in switch is powerful, but it’s rather complicated to setup and maintaince, especially when you have a lot clients.

However, IP-MAC binding in gateway is easier to setup, also with powerful features, please check below screenshots in WFilter NG firewall.

3. WFilter NGF

When configured, DHCP clients will be assigned with static ip addresses; clients not matching the ip-mac binding relationship will be blocked.

Internet content filtering solutions for business – WFilter Blog

Internet content filter and firewall solutions for business network.

1. Cisco 2950

2. Huawei S5700

3. WFilter NGF