
I'm trying to write a script that can block a host by shutting down a switchport directly on the Switch.

I have access to the Cisco Router and the computer; how do I find out which Switch my computer is connected to?

I tried using "show arp" and "show cdp neighbors" but the interface of the host IP address just isn't written there. Or maybe I just didn't get the command.

Anyway, the Network administrator suggested that I'm just supposed to connect to the "neighbors" until eventually there aren't any and that's how I know I reached the direct Switch. But it doesn't work for me. Is there an easier way?

1 Answer


Cisco IOS provides a feature called port-security. You can use it to restrict access on an interface by limiting and identifying the MAC addresses of devices that are allowed to send packets through this port.

This option also allows you to define how the switch reacts after a violation is detected.

SW1(config)# interface fa 0/0
SW1(config-if)# switchport mode access
SW1(config-if)# switchport port-security

First, log in to the switch and, from global configuration mode, select the interface on which you want to activate port-security.

Depending on what you are trying to do, you have the option of setting a MAC address that is authorized to send packets on the network.

SW1(config-if)# switchport port-security mac-address cafe.dead.bad4

OK, now you have 3 options to define how the switch will react when a violation is detected:

  1. protect (stops forwarding packets, without logging)
  2. restrict (stops forwarding packets + log message)
  3. shutdown (puts the interface in shutdown state)

    SW1(config-if)# switchport port-security violation shutdown

When a violation occurs, you can see in the show command output that the interface is in err-disabled state.

No script is required for that.

s4r4z1n
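The hop-by-hop search the network administrator described, as an added example that is not part of either post: map the IP to a MAC with `show arp` on the router, look that MAC up in the first switch's `show mac address-table`, and if the port it was learned on has a CDP neighbor, repeat on that neighbor until the port has none. The hostnames, interfaces, MAC and command outputs below are constructed samples, not captured from a real network.

```python
import re
# Constructed sample outputs (not captured from a real network), keyed by hostname;
# in practice each string would be collected from the switch over SSH.
SWITCHES = {
    "SW1": {
        "mac": "Vlan    Mac Address       Type        Ports\n"
               "  10    cafe.dead.bad4    DYNAMIC     Gi0/24\n"
               "  10    0011.2233.4455    DYNAMIC     Gi0/1\n",
        "cdp": "Device ID   Local Intrfce   Holdtme   Capability   Platform   Port ID\n"
               "SW2         Gig 0/24        150        S I         WS-C2960   Gig 0/48\n",
    },
    "SW2": {
        "mac": "Vlan    Mac Address       Type        Ports\n"
               "  10    cafe.dead.bad4    DYNAMIC     Fa0/7\n",
        "cdp": "Device ID   Local Intrfce   Holdtme   Capability   Platform   Port ID\n"
               "SW1         Gig 0/48        170        S I         WS-C2960   Gig 0/24\n",
    },
}

def normalize(intf):
    """'Gig 0/24' and 'Gi0/24' name the same interface; reduce both to 'gi0/24'."""
    m = re.match(r"([A-Za-z]{2})[A-Za-z]*\s*(\S+)", intf.strip())
    return (m.group(1) + m.group(2)).lower() if m else intf.lower()

def port_for_mac(mac_table, mac):
    """Port on which this switch learned `mac` ('show mac address-table'), or None."""
    for line in mac_table.splitlines():
        if len(fields := line.split()) >= 4 and fields[1].lower() == mac.lower():
            return fields[3]
    return None

def cdp_neighbor_on(cdp_table, local_port):
    """Device ID of the CDP neighbor on `local_port`, or None if no switch is behind it."""
    for line in cdp_table.splitlines()[1:]:   # skip header; assumes one neighbor per line
        if len(fields := line.split()) >= 3 and normalize(fields[1] + " " + fields[2]) == normalize(local_port):
            return fields[0]
    return None

def trace_host(mac, start_switch, switches=SWITCHES, max_hops=16):
    """Hop switch to switch until `mac` is learned on a port with no CDP neighbor behind it."""
    switch = start_switch
    for _ in range(max_hops):          # bounded so a CDP loop cannot run forever
        port = port_for_mac(switches[switch]["mac"], mac)
        if port is None:
            return None                # MAC not learned here: wrong start switch or entry aged out
        neighbor = cdp_neighbor_on(switches[switch]["cdp"], port)
        if neighbor is None:
            return switch, port        # nothing downstream: the host hangs off this port
        switch = neighbor              # KeyError here means we have no access to that neighbor
    return None
```

The `(switch, port)` pair it returns is the access port where a manual `shutdown` or the port-security action from the answer would be applied. It stops one hop early if the host sits behind a device that does not speak CDP, so confirm the result against the port's `show interfaces` description before acting on it.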