Security issue with the Vista PC

Unanswered Question
Jan 22nd, 2010

Hi,

I have configured an interface with port security as follows:


port sec

port sec max 1

port sec act shut


and connected one PC. But when a Vista PC was connected to the above secured port, that PC was able to access the LAN and it didn't violate the port.

As we configured the above port with port sec max 1, it should not allow that Vista PC, right? What may be the reason?



rammi

Giuseppe Larosa Fri, 01/22/2010 - 09:57

Hello Rammi,

In the other post you complain that port security works and here you complain that it is not working.

It is the same switch, what IOS version is running?

Can the original PC or Vista PC (not clear) be running any virtualization software? They can associate additional MAC addresses to the PC NIC.

Also, using port security max the first MAC address seen on the port is considered secure.

I would suggest you start testing by manually adding the MAC address.

Besides this, the secure host MAC address table has its own timers and can be influenced by some additional commands: the aging time can be based on inactivity on the port or it can be absolute.


see


http://www.cisco.com/en/US/docs/switches/lan/catalyst2950/software/release/12.1_22_ea11x/configuration/guide/swtrafc.html#wp1038501


Hope to help

Giuseppe
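The behaviour discussed in this thread, as an added illustration that is not part of either post and is not Cisco code: a simplified Python model of a secure-address table with a maximum of 1, showing how absolute aging, inactivity aging and a manually added address change what happens when a second PC is plugged in. The class, function names, MAC addresses and timings are all constructed assumptions.

```python
# Simplified model of a port-security secure-address table (added example,
# not vendor code). Times are in minutes; all names here are hypothetical.
from dataclasses import dataclass, field

ORIGINAL, VISTA = "00:11:22:33:44:55", "00:aa:bb:cc:dd:ee"  # constructed MACs


@dataclass
class SecurePort:
    maximum: int = 1
    aging_time: int = 0            # 0 = secure addresses never age out
    aging_type: str = "absolute"   # or "inactivity"
    shutdown: bool = False
    table: dict = field(default_factory=dict)  # MAC -> [static, learned, last_seen]

    def add_static(self, mac, now=0):
        """Manually configured secure address; never aged in this model."""
        self.table[mac] = [True, now, now]

    def _expire(self, now):
        if not self.aging_time:
            return
        for mac, (static, learned, seen) in list(self.table.items()):
            start = learned if self.aging_type == "absolute" else seen
            if not static and now - start >= self.aging_time:
                del self.table[mac]

    def frame(self, mac, now):
        """Process one source MAC; return 'forward', 'violation' or 'down'."""
        if self.shutdown:
            return "down"
        self._expire(now)
        if mac in self.table:
            self.table[mac][2] = now
            return "forward"
        if len(self.table) < self.maximum:
            self.table[mac] = [False, now, now]  # first MAC seen becomes secure
            return "forward"
        self.shutdown = True                     # violation action: shutdown
        return "violation"


def swap_pcs(port, original_times, vista_time):
    """Original PC sends at each time given, then the Vista PC sends once."""
    for t in original_times:
        port.frame(ORIGINAL, t)
    return port.frame(VISTA, vista_time)
```

In this model a dynamically learned address with absolute aging is dropped while the original PC is still active, so the second PC is learned without a violation; with inactivity aging or a manually added address the same swap shuts the port.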
