I am looking at a 6500 configuration (IOS 12.2(14)), and I am trying to determine exactly what is going on and more importantly, if the switchport configurations for the interfaces are SECURED properly. The following lines are configured on the interfaces:
switchport
switchport access vlan XXX
switchport mode access
switchport port-security
switchport port-security mac-address XXXX.XXXX.XXXX
My understanding is that because of the "switchport mode access" line, that the interface is nontrunking, nontagged, which I thought was not a good idea. If that is the case, what exposures are there. Also, should 802.1Q tunneling be done instead, and if so, are there some limitations as to why 802.1Q tunneling may not be done in this instance?
Thanks.