Hot Downloads

×

Notice

The forum is in read only mode.
Welcome, Guest
Username: Password: Remember me
  • Page:
  • 1

TOPIC: network design

network design 9 years 6 months ago #28583

Core Switch : Catalyst 3750
20 vlans created.

Core switch act as VTP domain
all other switches are as vtp client, connected as trunk

vlan traffic is routed through access-list

Floor 10 Core Switch Catalyst 3750
Floor 9 Catalyst 2900
Floor 8 Catalyst 2900
Floor 7 Catalyst 2900
Floor 6 Catalyst 2900
Floor 5 Catalyst 2900
Floor 4 Catalyst 2900
Floor 3 Catalyst 2900
Floor 2 Catalyst 2900
Floor 1 Catalyst 2900

My requirments are

1. User 1 in vlan 10, if he connect his laptop anywhere in the building he should be at vlan 10
2. User 1 found administrator password and change his ip to vlan 20 ip, he should NOT be able to access vlan 20, or the switch should block his MAC

whats the easiest way to do this, using the above switches

Re: network design 9 years 6 months ago #28601

Let's take first things first. Your 1st requirement:
"User 1 in vlan 10, if he connect his laptop anywhere in the building he should be at vlan 10"
To do this, it is my understanding that you would need a VLAN Membership Policy Server (VMPS), which can be run on a Catalyst 4500 or 6500. As you don't have any VMPS capable switches, it looks like you wont be able to meet this requirement... or you could setup up a 3rd party on FreeNAC.

If you do setup a VMPS, and he changes his IP, he wont be able to communicate with any devices, as either his IP will be out of the range of his Default Gateway, or his self-assigned gateway will mismatch that which the switch is giving him via the VMPS/VTP/VLAN (ie, the switch will still assign him vlan 10).

If there is another way, I'd be interested...
  • Page:
  • 1
Time to create page: 0.130 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup