ugh, meant sticky obviously...
Pretty straightforward situation, we have port security enabled on the "public" facing ports in our office (ports that could be reached without needing to swipe a card) with sticky static MAC addresses. We have a few people who sometimes rotate to the front desk but still have their own desk at another location. The entire first floor of the building runs on the same switch stack.
The issue arises when a user's MAC address is statically assigned to the front desk port via sticky and later they go back to their desk and try to connect via ethernet. Having a MAC address exist on two different ports on the same switch obviously causes problems.
To try to head off some obvious solutions:
- I know we could assign one of the ports to a different vlan but we're trying to avoid that because we have a vlan layout and IP design that we're trying to stick to.
- We could have the user in question stick to wifi at their own desk
These two solutions are perfectly valid and I'm aware of them so I'm hoping to avoid those replies.
What I'm asking is if there is some way to keep all the ports on the same user vlan and make this work. i.e. is there some way to have a MAC address sticky to one port while at the same time, dropping off that port's config when it's disconnected?
No comments:
Post a Comment