Solved: MAC Address Voilation

faamin011 · ‎05-06-2013

my point is with port base security concern in which I have imposed mac base security on all access port, now if some one know the allowed mac he or she can static assign mac to laptop/PC and access to network.

This is security lack, please advice anything we can do this to mitigate

blau grana · ‎05-07-2013

Hello Fahad,

You are right, but with port security you have allowed mac-addresses on certain ports so you assume that user with that MAC will be connected to particular port. If someone steal MAC address to other user, attacker needs to also connect to correct port to have access to network.

If you are still concern about security, you can additionaly implement port based authentication ->

http://www.cisco.com/en/US/docs/ios/12_4t/12_4t11/ht_8021x.html

Best Regards

Please rate all helpful posts and close solved questions

Best Regards Please rate all helpful posts and close solved questions

View solution in original post

blau grana · ‎05-07-2013