cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
763
Views
0
Helpful
2
Replies
Highlighted
Participant

Hub didnt disable with bpduguard enable

Hello,

I have the following configuration on my access layer switch.

interface FastEthernet0/1 - 20

switchport access vlan 4

switchport mode access

spanning-tree portfast

spanning-tree bpduguard enable

But when i plug in a netgear hub into one of the user ports it didnt err-disable the port. 

I need this to stop users plugging in a hub onto our network so they have extra access ports.

Any ideas why the bpduguard did not work.

thanks

Kevin

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Rising star

Hi,
For this situation you can use
#switchport port-security
#switchport port-security max address 3 (for example)
#switchport port-security mac address sticky
To allow only three PCs to be connected from hub.

Sent from Cisco Technical Support iPhone App

Best regards,
Abzal

View solution in original post

2 REPLIES 2
Highlighted
Rising star

Hi,
For this situation you can use
#switchport port-security
#switchport port-security max address 3 (for example)
#switchport port-security mac address sticky
To allow only three PCs to be connected from hub.

Sent from Cisco Technical Support iPhone App

Best regards,
Abzal

View solution in original post

Highlighted

Yeah - port security is a fall back option.

Enabling bpduguard on client facing ports will err-disable the switchport if it receives a bpdu from a connected device. But BPDUs are sent by switches so old hubs won't send bpdus.  For this reason i dont think its possible to err-disable a hub using bpduguard enable

thanks

Kevin

Content for Community-Ad