Port security

[definityman]

Hi all.
I' planning to put my network in security using the port security command with max mac count=1.
Till here is quite easy.
I've the needing to made that in some ports only some machines has to be connected.
I mean,
i need for example on turret xx that is connected to a port on my 3548xl switch,that some laptops ( eg. 5 laptops) should connnect and no one else can.

Do you have any suggestions ?


Thanks in advance

Rgds

 

[ChicagoJim]

I use port security with the shutdown action on my network. It works great, but it does add a bit of extra work when you move or add workstations; and when some #$@! user tries to plug his home computer into the LAN.

I also have a port (in our conference room) connected to a small 4 port hub that multiple laptop users plug into. For that port, I simply set the max mac count number to the number of laptops that use the port, and then plugged the laptops in so that the switch learned the addresses before anyone had a chance to plug in a foreign device.

If you do a sh run after implanting port security, you'll notice that it adds lines to your running config as it learns addresses. So, it may be possible to manually type the lines into the config if you have to. For me, it was easier to just have the router learn the addresses itself.