Jun 3, 2012
tom

Identify physical switch port a packet is coming from?

Question

Given a network structure like this:

client 1 \
.         \
.          switch -- firewall
.         / 
client n /

(in words: all clients connected to one switch and the switch connected to the firewall)

Is it possible (on the firewall) to identify the physical port on the switch that a client used?

Background: There’s some simple MAC authentication for the clients, there can only be 1 person responsible for what happens on a switch port (because there is just one RJ45 connector per room and 1 person who owns the room). However, it would be possible to fake the MAC address; then I wouldn’t know from which room the data is coming. However, I need to know this for sure in case of abuse. Is this possible without VLANs? Thanks for any hint!

Asked by stefan.at.wpf

Answer

You can know this by implementing port security on your switch. One requirement is that you have a managed switch. Only one MAC address will be allowed on each switch port.

Answered by Khaled
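
An added example, not part of the original question or answer: a small audit that checks an export of the switch's MAC address table against a one-MAC-per-port inventory and reports which room's port a mismatch was seen on. The port names, rooms, MAC addresses and the "port mac" export format are all constructed assumptions; real switches print this table in vendor-specific formats.

```python
import re
from collections import defaultdict

# Constructed inventory: switch port -> (room, registered MAC). All values are made up.
REGISTERED = {
    "port1": ("room-101", "02:00:00:00:01:01"),
    "port2": ("room-102", "02:00:00:00:01:02"),
    "port3": ("room-103", "02:00:00:00:01:03"),
}

# Constructed export of the switch's MAC address table, one "port mac" pair per line.
SAMPLE_TABLE = """\
port1 02:00:00:00:01:01
port2 02-00-00-00-01-03
port3 0200.0000.0103
port3 02:00:00:00:09:99
"""

def normalize_mac(mac):
    """Reduce colon, dash or dotted notation to lowercase aa:bb:cc:dd:ee:ff."""
    digits = re.sub(r"[^0-9a-fA-F]", "", mac).lower()
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))

def audit(table_text, registered):
    """Return sorted (port, room, finding) tuples for ports that break one-MAC-per-port."""
    seen = defaultdict(set)
    for line in table_text.splitlines():
        if line.strip():
            port, mac = line.split()
            seen[port].add(normalize_mac(mac))
    owner_port = {normalize_mac(m): p for p, (_, m) in registered.items()}
    findings = []
    for port, macs in seen.items():
        room, expected = registered.get(port, ("unknown", None))
        if len(macs) > 1:
            findings.append((port, room, f"{len(macs)} MACs on one port"))
        for mac in sorted(macs):
            if expected is not None and mac == normalize_mac(expected):
                continue
            home = owner_port.get(mac)
            note = f"registered to {home}" if home else "not registered"
            findings.append((port, room, f"unexpected MAC {mac} ({note})"))
    return sorted(findings)

if __name__ == "__main__":
    for port, room, finding in audit(SAMPLE_TABLE, REGISTERED):
        print(f"{port} ({room}): {finding}")
```

The finding is keyed by physical port, so a MAC that shows up on a port other than the one it is registered to is attributed to the room where it was actually seen.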
