Solved

Cisco 2960 port security

Posted on 2014-01-14
5
557 Views
Last Modified: 2014-01-14
Hello Experts,

I have an 8 port Cisco 2960 switch. I need to configure port security.

Port 1 to 6 will have only one device directly attached, so i can configure the MAC address to stick on these ports.

On port 7, there is another switch attached. This is a simple switch that is not managable. This switch will have 6 more devices attached.

Can i still configure port security on port 7? Like configure some kind of MAC address pool of the devices that are allowed to connect. And when an unknown device is attached, the port will go in error disabled state?
0
Comment
Question by:SvenIA
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 11

Accepted Solution

by:
Miftaul earned 475 total points
ID: 39778687
Yes, you can like below
Switch(config)#int gigabitEthernet 0/12
Switch(config-if)#switchport port-security
Switch(config-if)#switchport port-security maximum 6
Switch(config-if)#switchport port-security mac-address Sticky

Open in new window

0
 
LVL 25

Assisted Solution

by:Cyclops3590
Cyclops3590 earned 25 total points
ID: 39780372
Only other thing I would look at possibly is changing the violation method.  default is shutdown.  I would change it to restrict or protect.  shutdown actually shuts down the interface if more than the maximum mac addresses are seen killing connections for existing hosts.  The other two will just disable new macs from being learned.  restrict might be better as it increments the securityviolation counter.  but if you don't mind the shutdown feature or you specifically want that, by all means leave it at default.
0
 
LVL 7

Author Comment

by:SvenIA
ID: 39781415
Ok guys thanks for the information. I got one other question.

What if the additional switch was a wireless accesspoint attached to port 7? Will every wireless client count? Is it the same as wired, when it comes to port security?
0
 
LVL 11

Expert Comment

by:Miftaul
ID: 39781425
To a switchport, it only understands MAC address. No matter if the mac is learned from connected wired or a wireless device, it still counts.

So yes, its the same regardless of wired or wireless.
0
 
LVL 7

Author Closing Comment

by:SvenIA
ID: 39781435
Thanks for the information! Most helpfull.....
0

Featured Post

Flexible connectivity for any environment

The KE6900 series can extend and deploy computers with high definition displays across multiple stations in a variety of applications that suit any environment. Expand computer use to stations across multiple rooms with dynamic access.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Cisco 2960 PACL 9 113
SSH logs Cisco switch 4 104
Cisco Policy based routing 2 62
Reset HP V1905-24-PoE switch to factory default settings 2 42
The worst thing when starting a new job is when the previous Network Administrator left behind no documentation. How do you get into the devices? If you've been in this situation or just accidently mistyped your password, this article will hopefully…
I see many questions here on Experts Exchange regarding switch port configurations and trunks. This article is meant for beginners in the subject to help to get basic knowledge about Virtual Local Area Network (VLAN (http://en.wikipedia.org/wiki/Vir…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

756 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question