Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
354
Views
5
Helpful
1
Replies

Port Security

sprocket10
Level 2
Level 2

‎01-26-2015 03:44 AM - edited ‎03-07-2019 10:23 PM

I am looking at security on remote switches. I will be using port security on most switches, but this seems to be set on individual interfaces.

My example is, I have a site with 5 desks and 10 users may visit this site over time, but these users may sit anywhere. Do I need to setup all 5 interfaces with the 10 mac addresses or is it possible to create a group that I can apply to the interfaces, allowing me to only enter the mac addresses once.

I then have large sites with stacked switches and vlans for departments, and again they share desks. If I had to apply the mac addresses of the machines that may use the ports for the whole stack, my config will the huge.

 

Switches on these sites would range from 2960, 3750 and 3850.

 

Any help would be great.

Labels:
0 Helpful
1 Reply 1

Jon Marshall
Hall of Fame
Hall of Fame

‎01-26-2015 04:41 AM

As far as I am aware you cannot apply the same secure mac address to multiple interfaces on a switch.

So I think what you are proposing won't work.

Easiest way to find out for sure, in case I am wrong, is if you have a switch you can test with try applying the same mac to multiple ports. I'm pretty sure it won't allow it.

The secure mac address feature is useful when the same mac address is used all the time on the same port but that is the opposite of what you have.

In your case port security would be useful to limit the number of mac addresses seen on a particular port which can help with situations where users plug in their own switch/hub to the port.

Jon

Customers Also Viewed These Support Documents