Authentication and Authorization of clients to grant access or deny over RJ45

drenrizaa
Level 1

Hi all! I am hoping I am posting in the correct section and that the question has not been asked 100 times before, please bear with me.

 

I am currently investigating what capabilities Cisco have in the area of identifying clients on the local network that connect physically up to an RJ-45 wall panel, for example in a conference room, and then determine if the client should be authenticated and granted authorization to X, or if the client should be denied access to the network and temporarily shut down the port or by other means deny traffic. Identifying valid organization clients (grant) and identifying rogue clients (deny).

 

What would be a good way to accomplish such a task?

 

If you have any advice as to what articles, white papers / other I should read or personal experience, to better understand how this is done with Cisco products 2019, then please share with me :)

 

Thanks in advance

Best regards!

1 Reply

Seb Rupik
VIP Alumni

Hi there,

At the most basic level you will want to look at port-security. This allows you to restrict what devices can connect to a port and how to handle the violations based on MAC address.

 

Beyond that you will need to look at 802.1x, where you are trying to authenticate the user or device. This will involve additional cost in the form of an NPS (i.e., freeRADIUS, ACS/ISE, etc.)

 

https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3850/software/release/3se/security/configuration_guide/b_sec_3se_3850_cg/b_sec_3se_3850_cg_chapter_01111.html

 

cheers,

Seb.
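
The two approaches named in the reply above, sketched as Cisco IOS configuration; this is an added example, not part of the original thread or taken from the linked guide. The interface numbers, the RADIUS server address (from the 192.0.2.0/24 documentation range), the object names and the shared-secret placeholder are all assumptions.

```cisco
! --- Option 1: port-security (MAC-based, no external server) ---
! Assumed conference-room port; learns one MAC and err-disables on violation.
interface GigabitEthernet1/0/10
 description CONF-ROOM-WALL-PORT (assumed name)
 switchport mode access
 switchport port-security
 switchport port-security maximum 1
 switchport port-security mac-address sticky
 switchport port-security violation shutdown
!
! Make the shutdown temporary: re-enable the port automatically after 300 s.
errdisable recovery cause psecure-violation
errdisable recovery interval 300
!
! --- Option 2: 802.1X (authenticates the user or device via RADIUS) ---
aaa new-model
!
! Assumed RADIUS server (freeRADIUS, ISE, ...); address and key are placeholders.
radius server RADIUS-1
 address ipv4 192.0.2.10 auth-port 1812 acct-port 1813
 key <SHARED-SECRET-PLACEHOLDER>
!
aaa group server radius DOT1X-SERVERS
 server name RADIUS-1
!
aaa authentication dot1x default group DOT1X-SERVERS
aaa authorization network default group DOT1X-SERVERS
!
! Enable 802.1X globally on the switch.
dot1x system-auth-control
!
! Assumed second wall port; stays unauthorized until the client authenticates.
interface GigabitEthernet1/0/11
 description CONF-ROOM-DOT1X-PORT (assumed name)
 switchport mode access
 authentication host-mode single-host
 authentication port-control auto
 dot1x pae authenticator
 spanning-tree portfast
```

Port-security only checks the source MAC address, which a client can change, so it limits casual plug-ins rather than proving identity; 802.1X is what ties access to a credential checked by the RADIUS server.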
