- Community Home
- >
- Networking
- >
- Security e-Series
- >
- Re: HP Procurve 2610 Port Security
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-11-2013 02:53 AM
03-11-2013 02:53 AM
HP Procurve 2610 Port Security
Hello,
I've a question regarding the port security function on the HP Procurve 2610 switches. I wish to enable this but I'm not sure if it works in conjunction with IP Phones. They connect to these, which in turn are connected to terminals.
Is it true that when port security is applied, the port on the switch will check the MAC Address of the IP Phone. If it's authorized, a connection will be allowed? Will the terminals also be allowed/blocked depending on if the IP Phones are allowed/blocked by the switch?
If not, and you know of a better solution please advise. I'm looking for a decent way to make the network secure against unwanted devices.
Regards,
Wesley
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-11-2013 05:13 PM
03-11-2013 05:13 PM
Re: HP Procurve 2610 Port Security
Wesley,
Typically port-security is used to tie specific MAC addresses to specific ports. For example you might want the phone with MAC address 000000-000001 to only be allowed on port A1 and only port A1. The phone would be the only device allowed to ingress packets on port A1 and it wouldn't be allowed if it was moved to another port.
It sounds like you are also connecting PCs to the phones. The PCs won't be allowed just because the phone is allowed. The PC's MAC address will also have to be configured in port-security just like the phone.
port-security a1 learn-mode configured
port-security a1 address-limit 2 port-security a1 mac-address 000000-000001 # phone's MAC addr port-security a1 mac-address 000000-000002 # pc's MAC addr
The example above would allow the two devices with the given MAC addresses to connect to port A1.
If you are deploying an environment where you want to authenticate the devices but not necessarily tie them to a specific port you may consider using a RADIUS server and mac-based authentication. Also, 802.1x is another option if your phones and PCs support it. Most recent phones and PCs will have not problem.
Are you familiar with RADIUS?
Thanks,
Nathan