- #CISCO MAC ADDRESS SECURITY HOW TO#
- #CISCO MAC ADDRESS SECURITY LICENSE#
- #CISCO MAC ADDRESS SECURITY DOWNLOAD#
#CISCO MAC ADDRESS SECURITY HOW TO#
How to Configure Switch Port Security on Cisco Switches – Technig Port Security Guidelines and Restrictionsįollow these guidelines when configuring port security.
#CISCO MAC ADDRESS SECURITY DOWNLOAD#
To practice and learn to configure port security on Cisco switch, just download the port security packet tracer lab or create your own lab and follow the switch port security configuration guideline.ĭownload Switch Port Security Configuration Packet Tracer Lab. It provides guidelines, procedures, and configuration examples. Watch the video below to get a better understanding of Port Security’s working logic and also subscribe to our YouTube channel to support us!īu yazımızda, Cisco anahtarları üzerinde port güvenliği nasıl sağlanır temel olarak ele aldık.This article describes how to configure switch port security on Cisco Switches. Switch#show port-security interface fa0/1 Secure Port MaxSecureAddr CurrentAddr SecurityViolation Security Action
#CISCO MAC ADDRESS SECURITY LICENSE#
License udi pid CISCO1941/K9 sn FTX1524837C Switchport port-security mac-address sticky 0007.EC9C.8167 Switchport port-security mac-address sticky 0001.43EC.7639 Switchport port-security mac-address sticky No service timestamps debug datetime msec Therefore, you can set the Fa0/1 port to Up by executing the shutdown command and then no shutdown.Īfter activating the FastEthernet0/1 interface, connect PC0 to the Switch again and test the network connection. Likewise, when you execute the show port-security command, you may see a 1 increment in the Violation Count section.īecause the port is in the shutdown state, a system administrator must manually open this port. When you ping from PC2 to PC1, you can see that the process failed.Īfter this, the Switch detected a violation in the Fa0/1 interface, matched the MAC address in its memory, and immediately closed the Port when it realized that it was different from the MAC address in the table.Īfter a violation on the switch, check the interface status by running the show ip interface brief command at the CLI prompt.Īs you can see in the image below, the FastEthernet0/1 interface is down. Then, disconnect the cable between PC0 and Switch0.Īfter configuring PC2 computer, connect to Fa0/1 interface on Switch0. Now add another computer to the workspace to test whether port security is working and configure the IP settings of this computer. You can view the detailed information of the FastEthernet0/1 interface by applying the show port-security interface fa0/1 command. The MAC addresses here will be compared in case of violations. When you execute the show mac address-table command, you can see that the MAC addresses of the computers connected to the Switch are saved in the table. The SecurityViolation (Count) section is 0 because there are no violations on the interfaces.
In the privileged mode of the switch, execute the show port-security command. In the event of any breach of these interfaces, the Fa0/1 or Fa0/2 interfaces will be shutdown. With a maximum of 1 command, only 1 MAC address will be stored and Port Security will be provided.With the Mac-address sticky command, the MAC addresses of the computers connected to the interfaces are automatically stored.The interface is set to access mode with the Switchport Mode Access command.Port Security is activated in FastEthernet0/1 and FastEthernet0/2 interfaces on the switch.If we explain the above configuration commands Switch(config-if)#switchport port-security violation shutdown Switch(config-if)#switchport port-security maximum 1 Switch(config-if)#switchport port-security mac-address sticky Switch(config-if)#switchport port-security Switch#configure terminalĮnter configuration commands, one per line. After the connection test, click on the Cisco Switch.Ĭlick on the Switch to open the CLI prompt, and then execute the following commands to enable port security. Similarly, test the connection with Ping from PC1. Ping the PC0 to the Router interface and PC1 to test the connection. Open Cisco Packet Tracer and add one Router, Switch and two computers to the workspace, then assign the IP address to the Cisco Router.īefore enabling Port Security, test the network connection between clients.
0 kommentar(er)
