Solved

Voip switchport security regarding port-security

Posted on 2008-06-18
4
1,109 Views
Last Modified: 2010-05-18
We are getting ready to roll out VoIP using all Cisco equipment. Some office only have 1 data run. We currently use Port-Security to prevent unauthorized devices. Since we will have seperate voice and data vlans, we would have to trunk on that port. Port security is not applicable for trunk ports. We are not ready to roll out 802.1x port authentication. are there any options on the phones to restrict what PCs can be plugged into it's switchports?

Thanks!
0
Comment
Question by:applesmash
  • 2
  • 2
4 Comments
 
LVL 22

Expert Comment

by:Reid Palmeira
ID: 21819684
depends on the phones and firmware you're running on them. The vast majority will not though. the 802.1x authentication is your best bet. what equipment are you using? switches and phones.
0
 
LVL 1

Author Comment

by:applesmash
ID: 21820505
3750 PoE and 7940s, nothing fancy on the phones.

I did find this on cisco's site and it mentions port security over trunk ports. Didn't know I could do that...

http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.2/25sg/configuration/guide/port_sec.pdf

I realize that doc is for a 4500. It should work for 3750s with latest IOS also?
0
 
LVL 22

Accepted Solution

by:
Reid Palmeira earned 350 total points
ID: 21827119
you should be okay with the 3750 switches. don't worry about the phones controlling it at that point, do it on the switch. Setup the trunk port, voice vlan, etc. then the port security and violation setup.

see: http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/12.2_35_se/configuration/guide/swtrafc.html

0
 
LVL 1

Author Closing Comment

by:applesmash
ID: 31468425
That about covers it. Thanks for your help!
0

Featured Post

Flexible connectivity for any environment

The KE6900 series can extend and deploy computers with high definition displays across multiple stations in a variety of applications that suit any environment. Expand computer use to stations across multiple rooms with dynamic access.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If your business is like most, chances are you still need to maintain a fax infrastructure for your staff. It’s hard to believe that a communication technology that was thriving in the mid-80s could still be an essential part of your team’s modern I…
Skype is a P2P (Peer to Peer) instant messaging and VOIP (Voice over IP) service – as well as a whole lot more.
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question