
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-01-2018 08:26 AM - edited 03-08-2019 01:16 PM
Solved! Go to Solution.
- Labels:
-
Other Switching
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-01-2018 09:35 AM
Yes, there is (or better, there was) a function named "dynamic access ports". It's a legacy technology that is typically not used any more today. It is a regular access-port, but the VLAN-membership is not configured statically, instead the switch queries a VMPS (VLAN membership policy server) which VLAN should be assigned to a port based on the MAC-address. This policy-server had a database of MAC-address to VLAN-mappings.
Today, a RADIUS-server like the Cisco ISE is used for that and the technology used is MAB (MAC authentication bypass).
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-01-2018 08:29 AM - edited 01-01-2018 08:33 AM
Hi
It does not sounds for me, it could be dynamic ports instead, usually used for trunk interfaces: auto and desirable.
Switch mode dynamic <auto/desirable>
Also please check this image
:-)
>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-01-2018 08:50 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-01-2018 08:54 AM
You are welcome,
Actually you can but honestly I don't suggest configure port security under the trunks, it can generate troubles.
>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-01-2018 09:16 AM
so the port should be static trunk ports . so that port security can be applied ? or can we apply port security to dynamic trunk ports ?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-01-2018 09:18 AM
Hi,
Port security is recommended under switchports in access mode only.
>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-01-2018 09:26 AM
so the port should be static trunk ports . so that port security can be applied ? or can we apply port security to dynamic trunk ports ?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-01-2018 09:29 AM
Hi,
You can configure port security on dynamic or static trunks, but it is not recommended because it can generate issues. I recommend configure use port security on access ports only.
The following link could be useful:
:-)
>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-01-2018 09:35 AM
Yes, there is (or better, there was) a function named "dynamic access ports". It's a legacy technology that is typically not used any more today. It is a regular access-port, but the VLAN-membership is not configured statically, instead the switch queries a VMPS (VLAN membership policy server) which VLAN should be assigned to a port based on the MAC-address. This policy-server had a database of MAC-address to VLAN-mappings.
Today, a RADIUS-server like the Cisco ISE is used for that and the technology used is MAB (MAC authentication bypass).
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-04-2019 10:42 PM
Hello @Karsten Iwen
Which statement is true about a dynamic access port?
A. VLAN 1 is the default VLAN.
B. None until the port VLAN is determined.
C. All VLANs are permitted in a dynamic access port link.
D. Per default, the port has to participate in a VLAN election to determine which VLAN a port is assigned.
I believe Answer A
but some people says answer B seems correct, can you answer this?
Thanks
Siva
