Home > Others

CCNA authentication: Switch configuration and Port Security (1)

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

VswitchThe following figure shows the instance topology configuration:

Basic vswitch Configuration

 
 
    
  
  
  1. Switch> enable  Switch# config ter  
    2. 
  
  
  2. Switch(config)# hostname Switch  Switch(config)# interface vlan 1  
    3. 
  
  
  3. Switch(config-if)# ip address 192.168.1.10 255.255.255.0  Switch(config-if)# no shutdown  
    4. 
  
  
  4. Switch(config-if)# exit  Switch(config)# ip default-gateway 192.168.1.1  
    5. 
  
  
  5. Switch(config)# end  Switch#show int vlan 1  
    6. 
  
  
  6. Vlan1 is administratively down, line protocol is down    Hardware is CPU Interface, address is 0001.9719.ab57 (bia 0001.9719.ab57)  
    7. 
  
  
  7.   Internet address is 192.168.1.10/24    MTU 1500 bytes, BW 100000 Kbit, DLY 1000000 usec,  
    8. 
  
  
  8.      reliability 255/255, txload 1/255, rxload 1/255    Encapsulation ARPA, loopback not set  
    9. 
  
  
  9.   ARP type: ARPA, ARP Timeout 04:00:00    Last input 21:40:21, output never, output hang never  
    10. 
  
  
  10.   Last clearing of “show interface” counters never    Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0  
    11. 
  
  
  11.   Queueing strategy: fifo    Output queue: 0/40 (size/max)  
    12. 
  
  
  12.   5 minute input rate 0 bits/sec, 0 packets/sec    5 minute output rate 0 bits/sec, 0 packets/sec  
    13. 
  
  
  13.      1682 packets input, 530955 bytes, 0 no buffer       Received 0 broadcasts (0 IP multicast)  
    14. 
  
  
  14.      0 runts, 0 giants, 0 throttles       0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored  
    15. 
  
  
  15.      563859 packets output, 0 bytes, 0 underruns       0 output errors, 23 interface resets  
    16. 
  
  
  16.      0 output buffer failures, 0 output buffers swapped out  Switch# 
    17.

Configure the settings of each PC

 
 
    
  
  
  1. a) PC1       IP ADDRESS:192.168.1.100  
    2. 
  
  
  2.      SUBMASK: 255.255.255.0       DEFAULT-GATEWAY: 192.168.1.1  
    3. 
  
  
  3. b) PC2       IP ADDRESS:192.168.1.101  
    4. 
  
  
  4.      SUBMASK: 255.255.255.0       DEFAULT-GATEWAY: 192.168.1.1  
    5. 
  
  
  5. c) PC3       IP ADDRESS:192.168.1.102  
    6. 
  
  
  6.      SUBMASK: 255.255.255.0       DEFAULT-GATEWAY: 192.168.1.1 
    7.

Verify

 
 
    
  
  
  1. d) PC1       
    2. 
  
  
  2. ping 192.168.1.101  
    3. 
  
  
  3. ping 192.168.1.102 
    4.

Nengtong

 
 
    
  
  
  1. e) PC2       
    2. 
  
  
  2. ping 192.168.1.100  
    3. 
  
  
  3. ping 192.168.1.102 
    4.

Nengtong

View the MAC table dynamically learned by the vswitch

Because we access each other through the ping command, the switch will dynamically learn the MAC addresses of each PC!

 
 
    
  
  
  1. Switch#show mac-address-table             Mac Address Table  
    2. 
  
  
  2. ——————————————-   
    3. 
  
  
  3. Vlan    Mac Address       Type        Ports  —-    ———–       ——–    —–  
    4. 
  
  
  4.     1    0001.4246.a36c    DYNAMIC      Fa0/3  
    5. 
  
  
  5.    1    0009.7c35.7001   DYNAMIC     Fa0/24     1    00d0.58b6.24da    DYNAMIC     Fa0/2  
    6. 
  
  
  6.    1    00d0.bc37.3d6b    DYNAMIC     Fa0/1  
    7.

Currently, the F0/1 interface of the vswitch is configured to only allow access from PC0. If the access from other PCs is illegal, the interface is disabled and cannot be enabled.

 
 
    
  
  
  1. Switch # config term Switch (config) # interface f0/1
    2. 
  
  
  2. Switch (config-if) # switchport mode access // set the interface to the access interface Switch (config-if) # switchport port-security // enable port security on the Interface
    3. 
  
  
  3. Switch (config-if) # switchport port-security mac 00d0. 58b6. 24da // bind the MAC address of PC0 to this interface. The MAC address can be viewed in step 3.
    4. 
  
  
  4. Switch (config-if) # switchport port-security maximum 1 // because we only allow PC0 access, set the access volume to 1
    5. 
  
  
  5. Switch (config-if) # switchport port-security violation shutdown // The operation after illegal user access is disabled
    6.

Verification:

 
 
    
  
  
  1. Switch# show port-security interface f0/1  Port Security : Enabled  
    2. 
  
  
  2. Port Status : Secure-up  Violation Mode : Shutdown  
    3. 
  
  
  3. Aging Time : 0 mins  Aging Type : Absolute  
    4. 
  
  
  4. SecureStatic Address Aging : Disabled  Maximum MAC Addresses : 1  
    5. 
  
  
  5. Total MAC Addresses : 1  Configured MAC Addresses : 1  
    6. 
  
  
  6. Sticky MAC Addresses : 0  Last Source Address:Vlan : 00D0.58B6.24DA:1  
    7. 
  
  
  7. Security Violation Count : 0 
    8.


This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
ccna security practice questions cisco ccna security book best ccna security book ccna security book ccna security practice test ccna security price ccna security study guide

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More