[c-nsp] preventing unwanted devices on the network
Scott Keoseyan
scott at labyrinth.org
Sat May 31 23:01:35 EDT 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
802.1x
Dan Letkeman wrote:
| Hello,
|
| I'm looking for the best way to prevent unwanted wireless routers or
| other unwanted bridging devices on a network. For example a wireless
| router with the wan port plugged in to the network or a router in
| bridging mode with dhcp off.
|
|>From other posts I have read about using dhcp snooping. I'm wondering
| if it works when someone plugs in a router into a switch because the
| "wan" port will only request an address, the dhcp will be on the
| routers "lan" side.
|
| Also I would like to prevent unwanted static ip addresses on this
| network as well. My current setup is a 3560 switch which has multiple
| 2960 switches connected to it. I would like to prevent this type of
| traffic right at the edge ports. Would an access list be the
| appropriate way to protect this? Unfortunately port security will not
| work for us.
|
| Thanks,
| Dan.
| _______________________________________________
| cisco-nsp mailing list cisco-nsp at puck.nether.net
| https://puck.nether.net/mailman/listinfo/cisco-nsp
| archive at http://puck.nether.net/pipermail/cisco-nsp/
- --
Scott A. Keoseyan (scott at labyrinth.org)
(704) 604-3381
Homepage : http://www.labyrinth.org/homepages/scott
Blogpage : http://www.labyrinth.org/wp1
PGP Keys : http://www.labyrinth.org/homepages/scott/pgp.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFIQhEPA7TpMPAlvEcRAh9tAJ4weGMBF4hjdiQ80zzC+HyizARKkgCgjUX0
veKgOvCw1RPBsTknPWPOiEY=
=3zOp
-----END PGP SIGNATURE-----
More information about the cisco-nsp
mailing list