Req : maximum Security in cisco 2950 per port ( 1 port 48 users connectd)

Answered Question
Nov 30th, 2009
User Badges:

Dear Experts,


I have Cisco 2950 24 port Switch , i need maximum security per port, in this switch heavy user load on per port there are more than 40 users in per port.


Cisco 2950 Switch -----> fas/01 is uplink and fast03/ - 24 ports are connected to ------> 48 port DSLAM (means each port  connected with one 48 port DSLAM) per DSLAM 48 users that means in cisco 2950 per port  48 users connected through DSLAM------> ADSL modem in CPE.


i need maximum security in per port so how can i configure as per my required in cisco 2950 switch.maximum security


There are same VLAN (2) all ports, cause port 1 as a uplink from Billing Authenticaion server all users needs to authenticate through fast0/1 VLAN 2.


I have configured from fas0/3 to 24 port are protected port but i having flooding and collision. problem.


So please help me what is the configuation to control ( flooding / collision / storm / control .....).


Thanks in ADV,


Vaib...

Correct Answer by Leo Laohoo about 7 years 5 months ago

You want a port to allow 48 users?  DO NOT configure port security then. DO NOT configre spanning-tree portfast.


If you really want to, try this:


switchport port-security
switchport port-security maximum 48
switchport port-security aging time 2
switchport port-security violation restrict
switchport port-security aging type inactivity
storm-control broadcast level 5.00
storm-control multicast level 5.00
no spanning-tree portfast

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Correct Answer
Leo Laohoo Mon, 11/30/2009 - 14:15
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 LAN, Wireless

You want a port to allow 48 users?  DO NOT configure port security then. DO NOT configre spanning-tree portfast.


If you really want to, try this:


switchport port-security
switchport port-security maximum 48
switchport port-security aging time 2
switchport port-security violation restrict
switchport port-security aging type inactivity
storm-control broadcast level 5.00
storm-control multicast level 5.00
no spanning-tree portfast

csawest.dc Tue, 12/01/2009 - 00:54
User Badges:

Dear Experts,


Thank you very much for your great support , i'll try to do this and then let you know.


Thanks once again.


Cheers!!!


Vaib...

Leo Laohoo Tue, 12/01/2009 - 13:41
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 LAN, Wireless

Please rate my post accordingly.  Thanks.

Actions

This Discussion