Acheter ou Renouveler
Acheter ou Renouveler
annuler
Activer les suggestions
La fonction de suggestion automatique permet d'affiner rapidement votre recherche en suggérant des correspondances possibles au fur et à mesure de la frappe.
Affichage des résultats de 
Rechercher plutôt 
Vouliez-vous dire : 
cancel
Nouveau sujet
1444
Visites
1
Compliment
10
Réponses

Block a port ?

jmb09
Level 1
Level 1

le ‎26-12-2024 07:59 AM

Hello,

I have a wifi acces point connect to a switch C2960X.

Often people unplug cable and connect its equipments in place of this wifi acces point !

I was considering to configure port-security on this port, but i'm afraid to block all wifi trafic ... Is somebody ha s solution ?

 

Thanks

Étiquettes :
0 Compliments
10 RÉPONSES 10

MHM Cisco World
VIP
VIP

le ‎26-12-2024 08:06 AM

If this AP is local mode central SWITCHING' then you can use port-secuirty in port

If this AP is flexconn then you can not use port-secuirty 

MHM

0 Compliments

jmb09
Level 1
Level 1
En réponse à MHM Cisco World

le ‎26-12-2024 08:15 AM

Hello,

 

Thanks, i have severall ap of different model, this is a 1602I manage by a controler that is a 1832I

Is it possible with a port-security to shutdown the port if this AP is unplung ?

Thanks

 

0 Compliments

MHM Cisco World
VIP
VIP
En réponse à jmb09

‎26-12-2024 08:22 AM - modifié ‎26-12-2024 08:23 AM

If it AP flex then  sorry you can not use port-secuirty' do yoh have ISE ? You can use ISE to auth AP.

MHM

0 Compliments

jmb09
Level 1
Level 1

le ‎26-12-2024 08:29 AM

Hi!

 

No i haven't it but it seems to be interresting .....

Thanks

0 Compliments

jmb09
Level 1
Level 1

le ‎26-12-2024 08:33 AM

Hi

is there a way if a port is unplug to shudown the port and not activate it when cable is plug again, may be i was wrong by using port-security ?

 

Thanks

 

0 Compliments

MHM Cisco World
VIP
VIP
En réponse à jmb09

le ‎26-12-2024 08:47 AM

only port-security can do that and hence AP is flex if you run port-secuirty it will drop traffic of wifi endpoint 

MHM

0 Compliments

jmb09
Level 1
Level 1

le ‎26-12-2024 08:50 AM

Hi

Ok i well udestand i will take a look with my resailer next year, it should come install new accex point ....

 

Thank you for your time and your patience have a nice day ....

Thanks

Flavio Miranda
VIP
VIP

le ‎26-12-2024 09:22 AM

@jmb09 

 Port-security is an alternative in many scenarios. Do you have a Wireless Lan Controller or this is some kind of stand alone (Mobility express) Access Points? 

0 Compliments

jmb09
Level 1
Level 1

le ‎26-12-2024 09:33 AM

Hi !

Yes at this time i have mobility express available and running, it's managing have 18 access point.

Mobility express version is now old (8.5.140.0) and we will renew 7 accesspoint in january, i hope having another version ...

 

Thanks

 

0 Compliments

Flavio Miranda
VIP
VIP
En réponse à jmb09

le ‎26-12-2024 09:47 AM

@jmb09 

 For your scnerio, I dont believe you can justify ISE implementation, which should be the ideal for network security. But, If I were you I would take a close look on the  Auto Smartports feature available on your switch.

Auto Smartports Configuration Guide, Release 15.0(1)SE - Auto Smartports and Static Smartports Macros [Cisco Catalyst 3750-X Series Switches] - Cisco

With a bit of study and tests, you may  come up with something to protect the Access Point against arbitrary disconnection.

0 Compliments

Liens rapides

Parcourez les liens directs de la Communauté et profitez de contenus personnalisés en français

Partager un document Rédiger un blog Vidéos Data Center
Customers Also Viewed These Support Documents