Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
709
Views
0
Helpful
6
Replies

securing Network

csc010854800
Level 1
Level 1

‎12-20-2007 04:32 AM - edited ‎03-03-2019 08:00 PM

Hi,

i want to secure my network, so that no body can connect his pc into my network .

So , what is the best way to implement this.i have a database of all the MAC adrress of PC's. Can we restrict PC's which are not in that database.

Labels:
0 Helpful
6 Replies 6

royalblues
Level 10
Level 10

‎12-20-2007 04:49 AM

yes you can do that using port security where you can bind the mac-address to a particular port.

Also it is recommended to shut down all the unused ports

have a look at this link

http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SXF/native/configuration/guide/port_sec.html

HTH

Narayan

0 Helpful

csc010854800
Level 1
Level 1
In response to royalblues

‎12-20-2007 09:28 PM

Hi,

Thanks for the reply.Actally i have 200 PC's and i want that only that's much PC's will be able to access my network.Can i have a central database of all mac-address , so that first switch will refer that database and then authenticate .

0 Helpful

thomas.anthony
Level 1
Level 1
In response to csc010854800

‎12-21-2007 12:48 AM

try VMPS ,it is possible to have the switch dynamically choose a VLAN based on the MAC address of the device connected to a port.if the PC MAC address was not there in the databae it will not assine to any of VLAN ( you minght need to shutdown the native VLAN - 1 )

http://www.netcraftsmen.net/welcher/papers/switchvmps.html

0 Helpful

csc010854800
Level 1
Level 1
In response to thomas.anthony

‎12-21-2007 02:00 AM

Hi,

Thanx for the response.

I have 2 3750 switches and 8 2960 switches .

How to implement VMPS on this . Do i need some windows server .

Please send some sample configuration .

Whether it is a good idea to implement VMPS.

0 Helpful

Christopher Bell
Level 4
Level 4
In response to csc010854800

‎12-21-2007 06:48 PM

You may also consider a RADIUS solution - hardware or software. As mentioned above, it's a good idea to make sure you shutdown unused ports. I even go so far as unpluging cables from the switches in all my closets.

If this posts answers your question or is helpful, please consider rating it and/or marking as answered.
0 Helpful

Edison Ortiz
Hall of Fame
Hall of Fame

‎12-21-2007 06:56 PM

VMPS is a nice concept and it's often mentioned in many CCNA/CCNP publications. However, 802.1x is taking up and it's often the recommended approach for security at the access layer.

Take a look at this document:

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat3560/12240se/scg/sw8021x.htm

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card