
Cisco: Detect rogue switches, block and auto recovery


Detect rogue switches connected to a Cisco switch:

cisco#configure terminal
cisco(config)#interface fastEthernet 0/1
cisco(config-if)#switchport port-security                        //enable port-security
cisco(config-if)#switchport port-security maximum 2              //allow at most 2 MAC addresses on the port
cisco(config-if)#switchport port-security violation shutdown     //shut down (err-disable) the port on a violation
cisco(config-if)#switchport port-security aging time 1           //age out learned addresses after 1 minute
cisco(config-if)#switchport port-security aging type inactivity  //age out only addresses that have been idle
cisco(config-if)#end
cisco#show port-security                                         //show interfaces that have port-security enabled

Port auto recovery:

cisco#configure terminal
cisco(config)#errdisable recovery cause psecure-violation        //automatically recover ports err-disabled by port-security
cisco(config)#end
cisco#show errdisable recovery | begin Interface                 //show recovery status
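
Added example (not from the original post): a Python script that parses the output of show port-security and lists ports that have recorded a violation or are sitting at their MAC address limit. The sample output is constructed and its column layout is assumed from typical Catalyst IOS output; parse_port_security and review are hypothetical names.

```python
import re

# Constructed sample of `show port-security` output. The layout is an
# assumption based on typical Catalyst IOS output; spacing varies by platform.
SAMPLE = """\
Secure Port  MaxSecureAddr  CurrentAddr  SecurityViolation  Security Action
                (Count)       (Count)          (Count)
---------------------------------------------------------------------------
      Fa0/1              2            2                  0         Shutdown
      Fa0/2              2            0                  1         Shutdown
      Fa0/3              2            1                  0         Shutdown
---------------------------------------------------------------------------
Total Addresses in System (excluding one mac per port)     : 1
Max Addresses limit in System (excluding one mac per port) : 8192
"""

# One data row: interface name, three counters, then the violation action.
ROW = re.compile(
    r"^\s*(?P<port>[A-Za-z]+[\d/]+)\s+(?P<max>\d+)\s+(?P<cur>\d+)"
    r"\s+(?P<viol>\d+)\s+(?P<action>\w+)\s*$"
)

def parse_port_security(text):
    """Return one dict per secure port; headers, rules and totals are skipped."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            rows.append({
                "port": m["port"],
                "max": int(m["max"]),
                "current": int(m["cur"]),
                "violations": int(m["viol"]),
                "action": m["action"],
            })
    return rows

def review(rows):
    """Flag ports with a recorded violation, or at their MAC limit."""
    findings = []
    for r in rows:
        if r["violations"] > 0:
            findings.append((r["port"], "violation"))
        elif r["current"] >= r["max"]:
            findings.append((r["port"], "at-limit"))
    return findings

if __name__ == "__main__":
    for port, reason in review(parse_port_security(SAMPLE)):
        print(port, reason)
```
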
