01-21-2014 08:49 PM - edited 03-07-2019 05:43 PM
Hi,
We need to restrict Layer 2 switch ports for blocking another switch connection.
Can any body guide me how to perform this task.
Regards,
Faisal
01-22-2014 01:42 AM
Hello Faisal,
Could you please provide us additional information?
I have no idea what youare trying to prevent from happening.
Can you add a diagram and explain your situation in more detail.
01-22-2014 03:08 AM
Hi Faisal,
Switch(config-if)#switchport port-security
OR
Switch(config-if)#spanning-tree bpduguard enable
If you decide to configure port-security, have a look here:
or just ask further questions.
What exactly are you trying to do? What kind of port do you want to block and why? Please, let us know, so we can provide a better answer.
Best regards,
Jan
01-22-2014 08:47 PM
Thanks for ur reply...
I think we also configure Access switch VTP on client mode...it will also block access ports for unmanaged switches.
Port security need to define MAC addresses and we use multiple work stations on these ports.
Regards,
Faisal
01-22-2014 04:50 AM
Hi
I think what you are asking is how to prevent unwanted switches being plugged into your network?
If so, the advice from Jan is the best.
BPDU Guard will only work for switches which use BPDU's and anybody technical could stop the switch sending them anyway so combine this with Port Security and limit the MAC addresses, you should be fairly well protected.
I would also advise setting all your user facing switchports to Access Ports only to prevent Trunks being formed (switchport mode access).
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide