Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
338
Views
4
Helpful
1
Replies

Enabling port security

HMidkiff
Level 1
Level 1

‎11-14-2008 08:46 AM - edited ‎03-06-2019 02:29 AM

I am enabling port security on all of my switchports. My goal is to stop users from adding small switches or unauthorized wireless AP's to the network. If I use the command “Switchport port-security“ this will limit the port to one MAC address. If a switch is plugging in and 2 machines are plugged into in to it, this should shutdown the port? Also. if I use the command “Spanning-tree bpduguard” this should stop a wireless AP who most like would be doing NAT. The catalyst switch would only see it as one MAC address, but it should send BPDU packets and thus the port would be shutdown.

Am I right on this? Thanks.

Labels:
0 Helpful
1 Reply 1

Edison Ortiz
Hall of Fame
Hall of Fame

‎11-14-2008 08:53 AM

Just be aware if you have VoIP in your network.

The switchport will have 3 MAC-Address associated to it.

As far as the BPDU, YES - if the AP sends BPDU and you have the SP BDPU enabled, the port will be disabled upon receiving the BPDU packet.

HTH,

__

Edison.

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card