Filter
Top Products
1-14
Cisco EnergyWise Configuration Guide
OL-19806-03
Chapter 1 Managing Single Entities
Preventing Network Access to a Non-Cisco End Point
Preventing Network Access to a Non-Cisco End Point
We do not recommend using PC clients running EnergyWise Orchestrator as domain members. In an
EnergyWise network, non-Cisco endpoints could have access to the connected IP network and the
Internet.
Figure 1-4 PC with Access to the EnergyWise Network and the Internet
For example, in this network, to receive an IP address from the DHCP server, the PC sends a broadcast
message to the switches, which forward the message to the Internet. The DHCP server receives the
message and assigns an IP address to the PC.
When the PC sends an EnergyWise message to the Layer 2 switch, it forwards the message to the Layer 3
switch instead of responding to it. The Layer 2 switch and the connected PC are in different VLANs.
The Layer 3 switch also forwards the message.
If the message is forwarded to the router, the router adds the PC to the router MAC address table as a
directly connected device. To prevent this, you can configure a switched virtual interface (SVI) on the
Layer 2 switch so that the PC and switch are now in the same VLAN.
The PC now has access to the connected IP network and to the Internet.
• When the PC sends messages to the switch, the switch now responds to the messages instead of
forwarding them.
• The PC can also send messages to and receive messages from the IP network.
1 Domain member 5 Internet
2 Non-Cisco end point running an EnergyWise agent or client 6 DCHP server
3 Layer 2 switch 7 Router
4 Layer 3 switch 8 Management interface SVI 11
254195
2
3
6
7
4
SVI 10
VLAN 10
10.0.0.42
VLAN 20
20.0.0.5
SVI 20
VLAN 20
20.0.0.1
VLAN 10
10.0.0.5
1
5
8