ProCurve / ProVision-Based
cancel
Showing results for 
Search instead for 
Did you mean: 

Mac-address cloned intrusion

druartx
Frequent Visitor

Mac-address cloned intrusion

Hello,

 

I've configured the LMA on my HP2530 with a mac-oui address.

aaa port-access local-mac mac-group "IPPhone"
   mac-oui 001f9f  <<< thomson vendor ID
   exit

It is correctly authenticated on the switch

Port  MAC Address     IP Address         Client Status
 ----- --------------- ------------------ ----------------------
 5     001f9f-841e10   n/a                authenticated

If i configure the same mac-address on a linux PC connected on another port, this one disconnect the phone from the port 5 and authenticate the PC on port 10

Port  MAC Address     IP Address         Client Status
 ----- --------------- ------------------ ----------------------
 10    001f9f-841e10   n/a                authenticated

Could somebody help me. It should be possible to authenticate a unique mac-address

Thanks you for your help