1748072 Members
5745 Online
108758 Solutions
New Discussion юеВ

Disabed port

 
OliveSico
Occasional Contributor

Disabed port

Hi all,

I wonder if there is a way to disabled a port when the router behind is unplugged.

Just for security reason : the router and switch are not in a "safe" location, away from my office.

And to avoid somebody to plug a computer in place of the router and so have access to the network.

Switch is a HPE2530.

Thanks

2 REPLIES 2
EricAtHP
Esteemed Contributor

Re: Disabed port

The best way to do it is to configure 802.1X on both the switch and the router. The 2530 can act as a supplicant (client) and authenticate to the router if it supports 802.1X. Another option would be to configure static port-security to permit only one mac-address.

I would also highly recommend configuring "front-panel-security" on the 2530 to disable the ability to reset the local password to gain access to the management of the switch. I would recommend both "password-clear" and "factory-reset". If you do set these and lose the password, you would have to contact support for a one-time use password to gain access again.

OliveSico
Occasional Contributor

Re: Disabed port

Hi Eric,

Thanx for this reply.

The static port-security seems to be the best way for me, since i know the router's mac address.

Don't worry ;) the front panel security is set on all the switches that are not phisically in our secure room (remote sites), as well as SSH, SSL and secure login.

Thanx again

Cheers