cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
290
Views
0
Helpful
3
Replies

Port Security

Mithun Sasi
Beginner
Beginner

Hi All,

i have one 48 port switch and i have applied port security in first 40 ports. these 40 ports are connected to user desks and other 8 ports are connected to meeting room. I have applied mac address sticky in those 40 ports. Now problem is users take their laptops and connect it to the meeting room ports if they have any meetings, and they wont get the IP address,as their mac address is binded to the desk ports.

 

So is there any solution for this issue? The users must get IP address when they connect to the meeting room ports without removing the port security from user desks.

 

Thanks

3 Replies 3

Instead of configuring it sticky (and, why did you use sticky?) you can configure port-security with a timeout:

 switchport port-security maximum 3
 switchport port-security
 switchport port-security aging time 2
 switchport port-security violation restrict
 switchport port-security aging type inactivity

 

Thanks karsten for the reply.

Sticky needs to applied.. becoz if a user is on leave for a day, the mac address learned in that port will get expired, right. so at that time an outsider can connect to that port and access the network

With these needs, you should implement 802.1x and not port-security.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: