04-27-2024 04:19 AM
Dears
our CTO wants the whole company mac address to be added in a port security so that nobody outside the company can access our network, is there any alternative solution for adding all the mac addresses manually.
Solved! Go to Solution.
04-27-2024 04:24 AM
the solution is MAB
adding MAC is not prevent other MAC from ADD
adding MAC in port security will force only these MAC to use specific port
solution is MAB if the MAC not found in radius the access is deny
MHM
04-27-2024 04:24 AM
the solution is MAB
adding MAC is not prevent other MAC from ADD
adding MAC in port security will force only these MAC to use specific port
solution is MAB if the MAC not found in radius the access is deny
MHM
04-27-2024 04:42 AM
There command to disable MAC learn under vlan' but I never test before' I will try it in my lab abd update you.
Thanks
MHM
04-27-2024 04:59 AM
I would really appreciate it
waiting for your feedback
05-09-2024 01:51 AM
Thank you
04-27-2024 04:39 AM
Randomize MAC address is going to wreck that plan.
04-28-2024 02:36 AM
Network access control (NAC) is the general term for such measures. Cisco's product that does this is Identity Services Engine (ISE).
04-28-2024 05:55 AM
Port-security is not a good solution for what you / your CTO wants to do, I would suggest looking into using ISE and 802.1x. A much better and scaleable solution.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide