12-07-2004 05:21 AM - edited 03-02-2019 08:26 PM
I have 8 3550 POE wiht the SMI image running. The problem is that i dont have physical control over all sockets connection to the switches. I want to have strict security over all ports and have been tinking of using the port security feature. But i dont know if this feature is good enough for what i am after. I would like to get information from the switches as soon as someone puls a plug or insert another RJ-45 into a socket.
I have enabled event notification level 3 on all switches, but this sends me alot of mails way back in time.
Anyone have some advice for me here on how to secure the switches properly? It is not possible to do that physically.
Regards
Snakkes4you
12-07-2004 06:23 AM
I don't know if you've heard of 802.1x, but this could be used to provide strict port based authentication. Obviously you've been thinking about port security and this can be a good way to ensure that mac-addresses that you do not specifically configure cannot access the network. Are all your interfaces configured to be administratively up? You should get log messages related to ports going up/down and this will tell you if someone either rebooted their PC or removed a plug from the switch.
12-09-2004 05:22 AM
Im familiar with authentication protocols, but not on how to use 802.1 with switches. A link to an manual/somehelp would be much appreciated. All the interfaces are as default administratively up, but I am going to shutdown them that is not
12-09-2004 06:32 AM
Here is a good link on how to configre 802.1X with the 3550's:
Here is a good link on how to set up a radius server that accepts 802.1X authentication:
http://tldp.org/HOWTO/8021X-HOWTO/index.html
http://www.microsoft.com/windows2000/server/evaluation/news/bulletins/8021xclient.asp
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide