Bit of a mixed bag of questions here but am now looking to secure my switch infrastructure and after looking at some configurations online (and comparing on my switch) I think the configurations are out of date.
I am using an HP-2530 (J9280A) and would like to know the command structure for the following features.
Sticky mac: The ability to detect and fix mac addresses of devices per port.
DHCP Snooping: enabling trust for a DHCP server (or trust of an uplink to the server) interface.
Any other useful tips or settings which can help lock down the switch from wrong doers.
Thanks as always.
I found this by googling "hpe arubaos-switch access security guide" http://h20628.www2.hp.com/km-ext/kmcsdirect/emr_na-c05365163-4.pdf
Is that what you mean?
Yes, very useful thanks. These commands match the model and firmware of my switch.
Interestingly enough I have also found the command "aaa port-access use-lldp-data" like LLDP/LLDP-MED which is already enabled on the switch this is a single command (as seen above).
Would this be all that is required in this case, run the command, plug in the phones and let them update the ports ?
Also any additional "show" commands to confirm the settings would be useful also.
for VOIP, it is recommnaded to enable voice vlan (i will be auto configure LLDP)
I already used LLDP-MED with my deployments of VOICE VLAN so this should already be enabled.
I assume then that the sticky mac feature for LLDP is an extra command/setting applied ontop of the VOICE VLAN feature.
@alagoutte wrote:for VOIP, it is recommnaded to enable voice vlan (i will be auto configure LLDP)
I am sure this link could help you too:
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2021 Hewlett Packard Enterprise Development LPAll Rights Reserved.