Recently an end-user just wrecked havoc on the network, pluging in a lan cable that on the IP phone that is suppose to be for the PC back into a nearby empty wall jack.
While we enabled the spanning tree portfast for all the edge switches port, thinking its suppose to stop this kind of connection, however it didn't happen.
When we call up TAC, I was told thats because the PC port on the IP Phone doesn't send BPDU packets, that was why spanning tree didn't do any port blocking.
Question 1: I though the PC and network port on the IP phones are kinda like a mini switch, somehow I realise now that its not....that true?
Question 2: Most importantly how do I prevent this in future? Will Port-security mac address count contrl be useful?