Hot Downloads



The forum is in read only mode.
Welcome, Guest
Username: Password: Remember me
  • Page:
  • 1

TOPIC: MAC Locking on Wired Network

MAC Locking on Wired Network 10 years 1 month ago #29316

  • drizzle
  • drizzle's Avatar Topic Author
  • Offline
  • Distinguished Member
  • Distinguished Member
  • Posts: 138
  • Thank you received: 0
I just got back from a long stay in Iraq. While I was out, our network guys setup mac locking on every wired port across the network. It turns out, all our users are a bit jaded with the support they got while I was gone and haven't mentioned the issues they are now experiencing. Many of them use their laptops to work in several different offices across our campus. The MAC Locking is now a serious detriment to business.

However, I am conscious of the security purposes for doing this. I would like to offer a better solution. I know we could go with 802.1x. What other options are out there? We are a full Cisco shop with the latest and greatest technology. Between MAC spoofing and the fact that all offices are secured and all visitors require an escort, I don't even think it is necessary.

Any advice?

Re: MAC Locking on Wired Network 10 years 1 month ago #29348

  • Smurf
  • Smurf's Avatar
  • Offline
  • Moderator
  • Moderator
  • Posts: 1390
  • Karma: 1
  • Thank you received: 0
Its all going to depend on what you are protecting. You need to do a risk analysis and determine if the MAC filtering is causing too much inconvinence. At the end of the day, there needs to be a balance between security and usability.

Like you said, 802.1x would be better as it protects at the port level and users need to authenticate which means they can plug into any port as long as they can authenticate. Also Cisco NAC will give additional features of doing end point checking on hosts to ensure that they are at a base level before they get network access.
Wayne Murphy Team Member

Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit or PM me for details.
  • Page:
  • 1
Time to create page: 0.101 seconds


Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V


  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup