Switchport Port-Security Violation Options in Cisco Switch

Understand Switchport Port-Security

A Cisco layer 2 switch maintains the MAC address table and forwards frames to their destination based on that table. We can enable the Switchport Port Security feature by allowing a specific Ethernet MAC address to connect to the switch port. If any other MAC address tries to communicate through the same switch port, port security will disable the port. Most of the time, network administrators configure the switch to send an SNMP trap to their network monitoring solution reporting that the port has been disabled for security reasons. When using port security, you can prevent devices from accessing the network, which increases security. If any device tries to connect to the same switch port, there are three port security violation options available on a Cisco switch; based on your requirement, you can enable any of them for the switch port. The three port security violation options are restrict, protect and shutdown. If […]

Configure 802.1X (dot1X) on Windows XP & Windows 7 for Wireless Network

802.1X (dot1x) configuration on Cisco Switch with Wireless Access Point

Find below the configuration to enable 802.1x (dot1x) on a Cisco Catalyst 2960 switch with a wireless access point.

Enables 802.1x with Access point

Cisco-2960(Config)#dot1x system-auth-control
Cisco-2960(Config)#interface fastEthernet 0/24
Cisco-2960(Config-if)#switchport mode access
Cisco-2960(Config-if)#switchport access vlan <dataVlanid>
Cisco-2960(Config-if)#authentication port-control auto
Cisco-2960(Config-if)#authentication host-mode multi-host
Cisco-2960(Config-if)#dot1x pae both
Cisco-2960(Config-if)#dot1x timeout tx-period 3
Cisco-2960(Config-if)#spanning-tree portfast

Configure Cisco (802.1X) dot1x port Based Authentication for Wired LAN Network

Introduction to 802.1X (dot1x)

This post describes how to configure IEEE 802.1X port-based authentication on a Cisco switch to prevent unauthorized devices (clients) from gaining access to the network. The IEEE 802.1X standard defines a client-server-based access control and authentication protocol that restricts unauthorized devices from connecting to a LAN through publicly accessible ports. The authentication server authenticates each client connected to a switch port before making available any services offered by the switch or the LAN. With 802.1X port-based authentication, the devices in the network have specific roles.

Supplicant – This is often software on a client device such as a PC.
Authenticator – This is often a medium between the client device asking for access permission and an authentication server. In most cases, this is either a switch or a wireless access point.
Authentication server – This is a RADIUS database.

Configuring 802.1X (dot1x) Authentication

The […]

How to configure 802.1x (dot1x) on Cisco CatOS Switches

This document describes how to configure IEEE 802.1X port-based authentication to prevent unauthorized devices (clients) from gaining access to the network. The example below describes how to configure 802.1x (dot1x) port-based authentication on Cisco CatOS 6500 series switches. Cisco 802.1x is also referred to as dot1x.

Step by Step Dot1x Configuration on Cisco CatOS switch

Enable dot1x authentication on CatOS Switch

set dot1x system-auth-control enable
set dot1x quiet-period 30
set dot1x re-authperiod 30

Configure system name

set system name Cisco_6509

Configure Radius Server for Authentication

set radius server auth-port 1812 primary
set radius key openthedoor

Configure Dot1x on Specific Switch Ports

set port dot1x 3/45 port-control auto
set port dot1x 3/46 port-control auto
set port dot1x 3/47 port-control auto
set port dot1x 3/48 port-control auto
set port dot1x 3/45 re-authentication enable
set port dot1x 3/46 re-authentication enable
set port dot1x 3/47 re-authentication enable
set port dot1x 3/48 re-authentication enable
set port […]

How to Configure Cisco Port Security on Cisco Catalyst Switches

In this article I am going to talk about how to configure port security on a Cisco Catalyst switch. The port security feature is one of the first things you can use to secure your network from unauthorized access. This feature limits and identifies the MAC addresses of the workstations that can access the port. When secure MAC addresses are assigned to a secure port, the port does not forward packets with source addresses outside the group of defined addresses. There are three different settings you can configure with port security:

Protect, which discards the traffic but keeps the port up and does not send an SNMP message.
Restrict, which discards the traffic and sends an SNMP message but keeps the port up.
Shutdown, which discards the traffic, sends an SNMP message and disables the port. (This is the default behavior if no setting is specified.)

Configure SwitchPort port security on Cisco Switch […]