[cisco-voip] Restricting VoIP VLAN ports to known phones only
Mike Armstrong
mfa at crec.ifas.ufl.edu
Thu Apr 14 07:06:45 EDT 2005
We've got ports for IP phones dropped in many public areas, conference
rooms, etc. I'd like to restrict these ports to known IP phones only. Port
Security won't work (at least not on the 3524s), since it restricts MAC
addresses to one specific port -- I don't care which port the device(s)
connect to, and in fact several devices (mostly conference phones) do roam.
Can't do it with DHCP, since an attacker could plug in a device with a
static IP. Any suggestions? Would changing the switches to another model
(3550s or 3750s) help?
Mike Armstrong
UF/IFAS CREC
Lake Alfred, FL
More information about the cisco-voip
mailing list