[cisco-voip] Restricting VoIP VLAN ports to known phones only
Marcin Nowacki
Marcin_Nowacki at sevenet.pl
Thu Apr 14 07:44:13 EDT 2005
Check this out :
http://www.cisco.com/en/US/netsol/ns340/ns394/ns171/ns128/networking_solutions_white_paper09186a00801b7a50.shtml
Marcin
-----Original Message-----
From: cisco-voip-bounces at puck.nether.net [mailto:cisco-voip-bounces at puck.nether.net] On Behalf Of Kádár Zsolt
Sent: Thursday, April 14, 2005 1:32 PM
To: Mike Armstrong; cisco-voip at puck.nether.net
Subject: RE: [cisco-voip] Restricting VoIP VLAN ports to known phones only
Hi Mike,
If you have any Catalyst 4000, 5000, 6000 in your network, try to use VMPS feature.
http://www.cisco.com/en/US/products/hw/switches/ps628/products_configuration_guide_chapter09186a00800d84be.html#xtocid36
Zsolt Kadar
-----Original Message-----
From: Mike Armstrong [mailto:mfa at crec.ifas.ufl.edu]
Sent: Thursday, April 14, 2005 1:07 PM
To: cisco-voip at puck.nether.net
Subject: [cisco-voip] Restricting VoIP VLAN ports to known phones only
We've got ports for IP phones dropped in many public areas, conference rooms, etc. I'd like to restrict these ports to known IP phones only. Port Security won't work (at least not on the 3524s), since it restricts MAC addresses to one specific port -- I don't care which port the device(s) connect to, and in fact several devices (mostly conference phones) do roam.
Can't do it with DHCP, since an attacker could plug in a device with a static IP. Any suggestions? Would changing the switches to another model (3550s or 3750s) help?
Mike Armstrong
UF/IFAS CREC
Lake Alfred, FL
_______________________________________________
cisco-voip mailing list
cisco-voip at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip
Ez az üzenet és a hozzá kapcsolódó fájlok, tervezetek kizárólag a
Címzettnek szólnak, a bennük foglalt információk bizalmasak, melyek
titokban maradásához a Synergon Informatika Rt.-nek jogilag méltányolható
érdeke fűződik. Amennyiben valamely hiba folytán Ön nem a címzettje ennek a
levélnek, kérjük, semmisítse meg, és értesítse az üzenet küldőjét. Az
üzenet az elküldés előtt vírusellenőrzésen esett át, de a vírusmentességére
nincs semmilyen garancia, ezért kérjük, ellenőrizze azt!
DISCLAIMER
This e-mail and any attached files are confidential and may be legally
privileged. The content of this e-mail is subject of efforts by Synergon to
maintain its confidentiality. Also this e-mail is intended for the sole use
of the individual or entity to whom it is addressed. If you are not the
addressee, and received this transmission in error please delete this
e-mail and notify its sender immediately. This e-mail message has been
checked for computer viruses but it could still be infected. Please test it
for viruses before use.
_______________________________________________
cisco-voip mailing list
cisco-voip at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip
More information about the cisco-voip
mailing list