Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1411
Views
5
Helpful
2
Replies

ISE - Securing witch port channel interfaces

BigK
Level 1
Level 1

‎08-28-2020 10:58 AM

Hello,

 

On my switch, I have all the switchports configured with ISE- 802.X. My question is how can I secure the interfaces that belongs to a channel-group ? Someone can easily unplug the port and plug in any device, and since there is not security on the port that may allow the device to connect to the network.  

 

Example:

SW-C3850#

interface GigabitEthernet1/0/48
switchport access vlan 10
switchport mode access
channel-group 1 mode on
spanning-tree portfast
ip dhcp snooping trust
end

 

SW-C3850#

interface GigabitEthernet2/0/48
switchport access vlan 10
switchport mode access
channel-group 1 mode on
spanning-tree portfast
ip dhcp snooping trust
end

 

Thanks !!!

0 Helpful
2 Replies 2

balaji.bandi
Hall of Fame
Hall of Fame

‎08-28-2020 12:33 PM

In terms of Security - we need to understand as below :

 

1. Physical Security

2. Network Security

3. Layer Security ---so on

 

If the Physical security breached - no one can help - it is a disaster - intruder can do anything.

 

coming back to your question - This port is part of Port-channel - so what will happen when the end-user device connected? 

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

BigK
Level 1
Level 1
In response to balaji.bandi

‎08-28-2020 03:18 PM - edited ‎08-28-2020 03:18 PM

@balaji.bandi 

That is the question - what will happen when the end-user device is connected to one of these ports? 

 

Thanks!

0 Helpful
Customers Also Viewed These Support Documents