Evil_TTL> show | s

IPSG IP Source Guard

Category:Cisco Systems -> Security

IP source guard (IPSG) is a protective function against IP address spoofing attacks. Used to ba a function in Cisco Catalyst Layer 3 switches starting with 3560 series switches and above. Now it is supported in Cisco Catalyst 2960 and 2960-S series switches. IPSG is used in combination with IP DHCP snooping.

Configuration example:

ip dhcp snooping
ip dhcp snooping vlan 100

interface gigabitethernet0/26
 ip dhcp snooping trust
 
exit

interface 
range fastethernet0/14
 switchport
 ip verify source vlan dhcp
-snooping port-security
 
exit 

To allocate a static IP address with IPSG turned on use the commands:

interface fastethernet0/15
 switchport
 
exit

ip source binding 0000.1100.0022.aa00 vlan 100 interface gi0/15 
By privilege15