Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

switchport configuration...

I am looking at a 6500 configuration (IOS 12.2(14)), and I am trying to determine exactly what is going on and more importantly, if the switchport configurations for the interfaces are SECURED properly. The following lines are configured on the interfaces:

switchport

switchport access vlan XXX

switchport mode access

switchport port-security

switchport port-security mac-address XXXX.XXXX.XXXX

My understanding is that because of the "switchport mode access" line, that the interface is nontrunking, nontagged, which I thought was not a good idea. If that is the case, what exposures are there. Also, should 802.1Q tunneling be done instead, and if so, are there some limitations as to why 802.1Q tunneling may not be done in this instance?

Thanks.

  • Other Network Infrastructure Subjects
1 REPLY
New Member

Re: switchport configuration...

mode access is usually for end devices attached to the port. there's no reason really to trunk unless you are connecting another switch or a vlan-routing router to that port.

the port-security command only allows that specific mac-address to connect to the switch on that port.

254
Views
0
Helpful
1
Replies