?
Solved

Port security on cisco switch

Posted on 2006-04-02
7
Medium Priority
?
219 Views
Last Modified: 2013-11-16
Can I enable port security on the switch port that conects to the PIx fw?
0
Comment
Question by:Jelonet
  • 4
  • 3
7 Comments
 
LVL 10

Accepted Solution

by:
naveedb earned 1000 total points
ID: 16356094
Yes you can. But if it is directly connected with PIX, then there is no reason to set port security. It is more usefull if PIX is located in a non-secure physical environment or if it is connected vai HUB and you want to only allow one MAC address to have access to LAN Segment from that port. Following link shows how to do it.

http://www.cisco.com/en/US/products/hw/switches/ps679/products_configuration_guide_chapter09186a008007ef1a.html

Post your switch configuration if you have any questions.
0
 

Author Comment

by:Jelonet
ID: 16359924
I tried the commands in the link and when I enable port security on the switch the switch port connecting to the Pix immediately shutdown. The Pix is directly connected to the switch port.
0
 
LVL 10

Expert Comment

by:naveedb
ID: 16360758
Post your configuration from Switch. Login to switch, do enable, then do show running
Also, post output from show version
0
When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

 

Author Comment

by:Jelonet
ID: 16360899
Switch#sh run
Building configuration...

Current configuration : 2058 bytes
!
version 12.1
no service single-slot-reload-enable
no service pad
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname Switch
!
enable secret 5
enable password 7
!
ip subnet-zero
!
!
spanning-tree extend system-id
!
!
interface FastEthernet0/1
 no ip address
 duplex full
 speed 100
!
interface FastEthernet0/2
 no ip address
 duplex full
 speed 100
!
interface FastEthernet0/3
 no ip address
 spanning-tree portfast
!
interface FastEthernet0/4
 no ip address
 duplex full
 speed 100
!
interface FastEthernet0/5
 no ip address
 duplex full
 speed 100
 spanning-tree portfast
!
interface FastEthernet0/6
 no ip address
 spanning-tree portfast
!
interface FastEthernet0/7
 no ip address
 duplex full
 speed 100
 spanning-tree portfast
!
interface FastEthernet0/8
 no ip address
 duplex full
 speed 100
 spanning-tree portfast
!
interface FastEthernet0/9
 no ip address
!
interface FastEthernet0/10
 no ip address
!
interface FastEthernet0/11
 no ip address
!
interface FastEthernet0/12
 no ip address
!
interface FastEthernet0/13
 no ip address
!
interface FastEthernet0/14
 no ip address
!
interface FastEthernet0/15
 no ip address
!
interface FastEthernet0/16
 no ip address
!
interface FastEthernet0/17
 no ip address
!
interface FastEthernet0/18
 no ip address
!
interface FastEthernet0/19
 no ip address
!
interface FastEthernet0/20
 no ip address
!
interface FastEthernet0/21
 no ip address
!
interface FastEthernet0/22
 no ip address
!
interface FastEthernet0/23
 no ip address
!
interface FastEthernet0/24
 no ip address
!
interface GigabitEthernet0/1
 no ip address
!
interface GigabitEthernet0/2
 no ip address
!
interface Vlan1
 ip address 192.168.1.12 255.255.255.0
!
ip default-gateway 192.168.1.1
ip classless
ip http server
!
!
!
line con 0
 password 7
line vty 0 4
 password 7
 login
line vty 5 15
 login
!
!
monitor session 1 source interface Fa0/1
monitor session 1 destination interface Fa0/4
end

Switch#
0
 
LVL 10

Expert Comment

by:naveedb
ID: 16364203
Paste your output when you enable port security, all comands you type and response.

Also type show interface for that port

And post show version
0
 

Author Comment

by:Jelonet
ID: 16365212
I'll have to do this tomorrow when I have physical access to the switch
0
 

Author Comment

by:Jelonet
ID: 16372581
I think we found what the problem is.  Th proxy is connected to the inside Pix interface.
0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is about my experience upgrading my consulting machine to Windows 10 Version 1709 (The Fall 2017 Creator Update)
Your business may be under attack from a silent enemy that is hard to detect. It works stealthily in the shadows to access and exploit your critical business information, sensitive confidential data and intellectual property, for commercial gain. T…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Suggested Courses

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question