Improve company productivity with a Business Account.Sign Up

x
?
Solved

Port based security on Cisco Switches

Posted on 2012-03-29
5
Medium Priority
?
385 Views
Last Modified: 2012-06-27
I need to find out which Cisco switches support port based security. I have a network with Cisco voice and data along with their respective vlans, however I need to create some additional vlans and be able to allow access on ports only to specified MAC addresses so that under no circumstances can anyone connect a device and have access to the network. Can someone please offer suggestions and maybe shed some light on what that config would look like.
0
Comment
Question by:ryanva
5 Comments
 
LVL 5

Expert Comment

by:andrew1812
ID: 37782170
0
 
LVL 10

Expert Comment

by:mat1458
ID: 37782580
Any IOS switch can do that: 2960, 3560, 3750, 4500, 6500. Also the older ones like 2950, 3550, 4000, 6000 do that. And some of the SMB switches support it as well.

Do yu already have any type of switches?
0
 

Author Comment

by:ryanva
ID: 37782605
I have a Cisco 2960-24PC-L for the voice vlan and two Linksys SGE2000P switches for the data vlan
0
 
LVL 10

Accepted Solution

by:
mat1458 earned 1000 total points
ID: 37784027
0
 
LVL 17

Expert Comment

by:TimotiSt
ID: 37786705
Config looks like:

 switchport port-security
 switchport port-security violation restrict

with the addition of a "switchport port-security mac-address sticky" statement.

Please be aware that MAC addresses can be cloned, so 802.1x is a better security tool.

Tamas
0

Featured Post

IT Degree with Certifications Included

Aspire to become a network administrator, network security analyst, or computer and information systems manager? Make the most of your experience as an IT professional by earning your B.S. in Network Operations and Security.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Getting to know the threat landscape in which DDoS has evolved, and making the right choice to get ourselves geared up to defend against  DDoS attacks effectively. Get the necessary preparation works done and focus on Doing the First Things Right.
In this article, the configuration steps in Zabbix to monitor devices via SNMP will be discussed with some real examples on Cisco Router/Switch, Catalyst Switch, NAS Synology device.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

580 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question