Solved

how can i blcok wireless hub connect to our company

Posted on 2012-03-23
6
354 Views
Last Modified: 2012-03-23
hello Expert
in our company, some users bring a wireless hub connect to network, so that they using WIFI on cell phone or iPad etc, i just want to know does it possible block this?
all end user desk port are connecting to several Cisco 2950 switch, and core switch is Cisco 3550, does it possible configure ports on 2950 which could only get computer connected others not?

thank you
0
Comment
Question by:beardog1113
6 Comments
 
LVL 19

Expert Comment

by:helpfinder
ID: 37756202
I recommand you firtsly to issue some internal document, policy that this is forbiden to do and they could be punished for such a behavior by employer

no extrra smart idea from my side, only what I have on my mind is to set your DHCP to give IP to concrete MAC address (so you collect all MAC addresses in your company and match them with particular IP) - this could solve your problem but on other hand I agree this is not a handy solution (especialy in large enviroment)
or you could get a wifi router mac and block it so your DHCP won´t assign IP to it (but if your users are a little bit IT experienced I am sure they wil be able to change routers MAC and they are online back)
0
 
LVL 7

Accepted Solution

by:
PaulNSW earned 500 total points
ID: 37756219
You can also use Cisco's port security settings

Read the article here
http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/configuration/guide/port_sec.html
0
 
LVL 5

Expert Comment

by:abhishek1986
ID: 37756225
If you have a small client base, you can map MAC Addresses to a particular port of the switch, which gives you additional security and solves your problem of some external devices being added to the network.
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 37

Expert Comment

by:Neil Russell
ID: 37756323
MAC Authentication is of course the best way. You could easily script with powershell, WMI to collect all of the MAC Addresss of your company computers.
0
 
LVL 44

Expert Comment

by:Darr247
ID: 37758297
The only problem with that (MAC-based ACLs) is, I have never seen a consumer grade router than did not have a MAC Cloning function to make it appear to be the computer that is actually hooked to one of the router's LAN ports, configuring it.

So, a Network Usage Policy with repeated violations subject to disciplinary action, is the best way to go, in my opinion... with occassional sweeps using a laptop running WiFi Inspector or inSSIDer to look for rogue access points just to show them they CAN be detected and found.
0
 

Author Closing Comment

by:beardog1113
ID: 37759620
yes, port-security helps, i have test it and thats great, but not sure if the hub support MAC clone will what happen, this is not test.

anyway thanks
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This article is a how to to configure a UCS Ethernet-uplink portchannel via the console. It is easy to do and can be done quite quickly. In certain versions of the UCS manager the portchannel has issues coming up and this is a workaround. I am…
Hi there, This article summarizes what you need if you are going to set up your home or small business Network Attached Storage (NAS) to be accessible from the internet. Of course there are configuration differences based on your NAS or router ma…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question