07-22-2024 09:52 PM - last edited on 07-22-2024 10:43 PM by shazubai
Hello Guys,
I have a question and been unable to find the answer. Right now, we use Port security and stick the MACs to the ports. However, My organization is moving to the hoteling system where people would be moving around. Is there anyway I can have port security to point toward ARP table to see whether the MAC address is registered or not. Any advice is much appreciated.
Thank You
07-22-2024 11:42 PM
- Can't see how this could be done ; better is move forward to identity based authentication schemes ,
M.
07-23-2024 07:04 AM
@woxagheto29 a NAC solution such as Cisco ISE would be the most suitable solution, where you can or the users register the device centrally in ISE and be authorised to access the network. The device MAC address could be used for authentication or you could pre-deploy certificates via AD GPO or allow the users to register for a certificate, which would be more secure than authentication based on the MAC, which can easily be spoofed.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide