Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 607
  • Last Modified:

Cisco 2960 port security

Hello Experts,

I have an 8 port Cisco 2960 switch. I need to configure port security.

Port 1 to 6 will have only one device directly attached, so i can configure the MAC address to stick on these ports.

On port 7, there is another switch attached. This is a simple switch that is not managable. This switch will have 6 more devices attached.

Can i still configure port security on port 7? Like configure some kind of MAC address pool of the devices that are allowed to connect. And when an unknown device is attached, the port will go in error disabled state?
0
SvenIA
Asked:
SvenIA
  • 2
  • 2
2 Solutions
 
MiftaulCommented:
Yes, you can like below
Switch(config)#int gigabitEthernet 0/12
Switch(config-if)#switchport port-security
Switch(config-if)#switchport port-security maximum 6
Switch(config-if)#switchport port-security mac-address Sticky

Open in new window

0
 
Cyclops3590Commented:
Only other thing I would look at possibly is changing the violation method.  default is shutdown.  I would change it to restrict or protect.  shutdown actually shuts down the interface if more than the maximum mac addresses are seen killing connections for existing hosts.  The other two will just disable new macs from being learned.  restrict might be better as it increments the securityviolation counter.  but if you don't mind the shutdown feature or you specifically want that, by all means leave it at default.
0
 
SvenIAAuthor Commented:
Ok guys thanks for the information. I got one other question.

What if the additional switch was a wireless accesspoint attached to port 7? Will every wireless client count? Is it the same as wired, when it comes to port security?
0
 
MiftaulCommented:
To a switchport, it only understands MAC address. No matter if the mac is learned from connected wired or a wireless device, it still counts.

So yes, its the same regardless of wired or wireless.
0
 
SvenIAAuthor Commented:
Thanks for the information! Most helpfull.....
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now