qasim saeed
asked on
How to block unmanaged switches from network
How to block unmanaged switches from network. I have already apply BBDU Guard on interface but where unmanaged switches attached port will not block. and in show spanning-tree interface detail command no BpDU received. So please help is required for block unmaanged switches fron network. Other than port security please
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Remove them physically by hand.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
If you have a domain I would recommend using 802.1x/raduis. When a device attaches to a port it is authenticated against your domain either by user or device credentials ( highly recommend using device credentials). This will lock down your ports, but you don't have to keep track of mac addresses like you do in port security.
Andy's suggestion would block unauthorized systems people are trying to connect to the network, but it would not address the switch topic.
Port security isn't about knowing the MACs, but preventing more than one MAC from utilizing a port on the manager switch. With port security on, you automatically prevent this. With it off, you can monitor your managed switcg and deduce where an unmanaged switch might be. The user(s) would then have to deal with the embarrassment of being observed with you confiscating the switch and reporting it.
Port security isn't about knowing the MACs, but preventing more than one MAC from utilizing a port on the manager switch. With port security on, you automatically prevent this. With it off, you can monitor your managed switcg and deduce where an unmanaged switch might be. The user(s) would then have to deal with the embarrassment of being observed with you confiscating the switch and reporting it.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Answered