Hello guys, this is so far for me to configure port security, but I have never done a requirement like the one below, so if any of you has experience, please share it with me. I want to configure port security that allows my clients' 100 computers to access my LAN, so if a client takes his own laptop and plugs it into my switch, that port is shut down. This requirement seems simple, right? But I have a special exception: I want all my client PCs (which are allowed to access the LAN) to be able to plug into any switch (meaning I have 5 switches, and PC1 connects to SW1, but if I take PC1 and plug it into SW2 it still works without the port shutting down) and still have connectivity. Please help me. Thanks
Dear Insharie, Sorry for the inconvenience caused by my unclear question. Let me describe it to you again. Assume I have 5 switches (SW1, SW2, SW3, SW4, and SW5), and client1's PC normally connects to SW1, but one day his computer is moved and connected to SW3, so if we configure port security, the port is shut down because of our restriction. My goal is for all computers (100 computers) to be able to plug into any switch without being shut down or restricted.
Are you trying to say that your client has 2 endpoint devices (1 company provided computer and 1 personal laptop)?
Do you mean that when your client connects to the switch using his/her own personal laptop, the port should shut down the connection? Because if that is the case, I believe it is much better to configure 802.1x authentication rather than the port security mechanism, because port security uses the MAC addresses of the endpoints to determine whether an endpoint is allowed or not. This means that you will need to know the 100 computers' MAC addresses to implement it.
On the other hand, for 802.1x security you can use Cisco ACS or Cisco ISE and then integrate it with your Active Directory (AD), so that ACS or ISE will query the AD for the user credentials, which means that the company computers must be joined to the company's domain.
After integrating the ACS or ISE to the AD, you should configure the switches to support 802.1x.
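One way the switch side of the 802.1X setup described above could look, next to the port-security alternative, as an added example that is not part of the original posts. It assumes classic IOS 15.x syntax on a Catalyst access switch; the RADIUS server name and address, the shared secret and the interface range are placeholders.

```cisco
! --- Port security (for contrast) ---------------------------------------
! The allowed MAC is learned and stored per port on ONE switch, so a PC
! moved from SW1 to SW3 is unknown there unless its MAC is also
! configured on SW3. A MAC address can also be copied by another device.
! interface GigabitEthernet0/1
!  switchport mode access
!  switchport port-security
!  switchport port-security maximum 1
!  switchport port-security mac-address sticky
!  switchport port-security violation shutdown

! --- 802.1X: identical on SW1..SW5 --------------------------------------
! The allow/deny decision is made by ACS/ISE against AD, not by a
! per-switch MAC list, so an authorized PC authenticates on any port of
! any switch carrying this configuration.

! Note: aaa new-model changes how line logins are authenticated, so have
! a local username in place before enabling it.
aaa new-model
!
! Placeholder RADIUS server (ACS or ISE); 192.0.2.10 is a documentation
! address and <shared-secret> must match the key defined on the server.
radius server ISE-1
 address ipv4 192.0.2.10 auth-port 1812 acct-port 1813
 key <shared-secret>
!
aaa authentication dot1x default group radius
aaa authorization network default group radius
!
! Enable 802.1X globally on the switch.
dot1x system-auth-control
!
! Access ports facing client PCs (placeholder range).
interface range GigabitEthernet0/1 - 24
 switchport mode access
 authentication port-control auto
 dot1x pae authenticator
 spanning-tree portfast
```

After a PC connects, `show authentication sessions interface GigabitEthernet0/1` shows whether the port was authorized.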
Dear Niks, First, I am overly grateful for your clear answer. Yeah, you got my meaning. Assume I have 5 switches (SW1, SW2, SW3, SW4, and SW5), and client1's PC normally connects to SW1, but one day his computer is moved and connected to SW3, so if we configure port security, the port is shut down because of our restriction. My goal is for all computers (100 computers) to be able to plug into any switch without being shut down or restricted. And regarding your explanation, I need to research 802.1X to implement it, because I don't have experience with this.