Protecting a socket with an AP connected

Posted on 2009-04-21
Last Modified: 2013-11-09

I have various Cisco A1200 wireless placed around our building and I am concerned about somebody unplugging the A1200 and plugging a non authorised piece of equipment  into the socket. General I would use Port Security to lock down a socket to a device that was plugged into it via its MAC, but I can't do this with the A1200  sockets as it has multiple MACs are registered on the port.

Is there a way I can secure the socket the wireless units are plugged into from unauthorised access?

We use A1230 AP, 4402 WLAN Controllers, 3560 and 3750 switches

Question by:BESKEE
    LVL 12

    Expert Comment

    You could either use security face plates (face plates are screwed so you can't access the plugs) or setup notifications in which the 4402 sends you a message when the AP is down (which is good anyways).

    Do either of these work for you?
    LVL 9

    Accepted Solution

    I do belive that WLC version 5.2 (and 5.1 if I remember correct) supports 802.1x on AP level and I think the 1230 supports it also, which enables you to implement 802.1x in your entire network and not worring about anyone unplughing a ap or host and gain unauthorized access to your network. This would also negate the MAC address control that you manually are doing and not limiting anyone to a certain port in a certain switch as long as they have the right credentials.

    If you dont want to implement 802.1x on the entire network you can just do it on the ports connecting the APs.

    Author Comment

    The Security face plate seem simple but effective solution, however I don't seem to be able find any. Do you have any links to site that sell them?

    Monitoring is only good if I am on site and we are not always there

    The AP1230 we use apparently are not capable of becoming supplicants so we can't use the 802.1x for authorization.
    LVL 12

    Assisted Solution


    I know a few more vendors sell a product like it. Leviton and Hubbell do but I can't find the part number at the moment.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    I have had so many issues with my Vodafone 3G card (Novatel Merlin u630, provided by French carrier SFR) on Windows XP laptops that I thought I would create an help page for other users (I solved the issues). First issue, with my IBM/Lenovo lapto…
    I eventually solved a perplexing problem setting up telnet for a new switch.  I installed a new Cisco WS-03560X-24P switch connected to an existing Cisco 4506 running a WS-X4013-10GE Sup II-Plus. After configuring vlans and trunking,  I could no…
    Sending a Secure fax is easy with eFax Corporate ( First, Just open a new email message.  In the To field, type your recipient's fax number You can even send a secure international fax — just include t…
    In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…

    761 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    13 Experts available now in Live!

    Get 1:1 Help Now