CCNA Experiment 18 port security for switches

Source: Internet
Author: User


Environment: Windows XP, Packet Tracer 3.5

Purpose: know how to protect switch ports with port security.

Description

There are three ways to protect a switch port (note that port security can only be configured on access interfaces):

(1) Limit the maximum number of connections to the switch port; the maximum number of connections is 1-128.

(2) Bind a MAC address to the switch port.

(3) Bind an IP address to the switch port (this has to be configured on a Layer 3 device).


How security violations are handled:

(1) protect: the secure port discards packets from unknown addresses (default

(2) restrict: a trap notification is sent.

(3) shutdown: when a violation occurs, the port is closed and a trap notification is sent. To restore a port after it has been closed, use errdisable recovery in global configuration mode.

Steps:

1. Open Packet Tracer and create the topology:





2. Configure the port security policy for SW0:

Switch>en

Switch#conf t

Switch(config)#host SW0

SW0(config)#int fa0/1

SW0(config-if)#switchport mode access

SW0(config-if)#switchport port-security

SW0(config-if)#switchport port-security maximum 1

SW0(config-if)#switchport port-security mac-address sticky

SW0(config-if)#switchport port-security violation shutdown

SW0(config-if)#exit

SW0(config)#int fa0/10

SW0(config-if)#switchport mode acc

SW0(config-if)#switchport port-security

SW0(config-if)#switchport port-security mac-address 0006.2a40.c113

SW0(config-if)#switchport port-security violation shutdown

3. Run a ping test between the two PCs first, then view the port security status of Fa0/1 and Fa0/10:



4. Testing:

Unplug PC0 from port Fa0/1 and connect PC2 to that port instead.

Unplug PC1 from port Fa0/10 and connect PC3 to that port instead.


Port Fa0/1 is configured to learn only the MAC address of the first device connected to it. If another computer then tries to connect, its MAC address does not match and the maximum number of connections (1) is exceeded, so Fa0/1 handles the violation by shutting down automatically.

Port Fa0/10 is bound to the MAC address of PC1. When another computer connects to this port and its MAC address does not match the bound address, Fa0/10 handles the violation by shutting down automatically.
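
The test in step 4 can be replayed with a small model of the two ports. This is an added example, not part of the original lab and not switch code: the class and function names are hypothetical, the MAC addresses of PC0, PC2 and PC3 are constructed, and the model assumes that non-sticky learned addresses are forgotten when the cable is unplugged while sticky and static ones stay bound.

```python
from dataclasses import dataclass, field

@dataclass
class SecurePort:
    """Simplified model of one access port with port security enabled."""
    name: str
    maximum: int = 1
    violation: str = "shutdown"                 # protect | restrict | shutdown
    sticky: bool = False
    static: set = field(default_factory=set)    # manually bound MACs
    learned: set = field(default_factory=set)   # MACs learned from traffic
    err_disabled: bool = False
    traps: int = 0

    def link_down(self):
        # Assumption: plain dynamic entries are forgotten when the cable is
        # pulled; sticky and static entries stay bound to the port.
        if not self.sticky:
            self.learned.clear()

    def receive(self, src_mac: str) -> str:
        """Handle one frame's source MAC and return what the port did."""
        mac = src_mac.lower()
        if self.err_disabled:
            return "port-down"
        if mac in self.static | self.learned:
            return "forwarded"
        if len(self.static | self.learned) < self.maximum:
            self.learned.add(mac)
            return "learned"
        if self.violation == "protect":         # silent discard
            return "dropped"
        self.traps += 1                         # restrict and shutdown notify
        if self.violation == "restrict":
            return "dropped+trap"
        self.err_disabled = True                # shutdown: port is closed
        return "err-disabled"

# PC1's MAC is the one bound in step 2; the other three are constructed.
PC0, PC1, PC2, PC3 = "0000.0000.00a0", "0006.2a40.c113", "0000.0000.00a2", "0000.0000.00a3"

def replay_lab(sticky=True, violation="shutdown"):
    """Steps 3 and 4: first traffic, swap the PCs, traffic from the new PCs."""
    fa1 = SecurePort("Fa0/1", sticky=sticky, violation=violation)
    fa10 = SecurePort("Fa0/10", static={PC1}, violation=violation)
    before = (fa1.receive(PC0), fa10.receive(PC1))
    fa1.link_down(); fa10.link_down()
    after = (fa1.receive(PC2), fa10.receive(PC3))
    return before, after

if __name__ == "__main__":
    print(replay_lab())
```

Calling `replay_lab(sticky=False)` shows why the sticky keyword matters on Fa0/1: under the model's assumption, PC2 is simply learned as the new first device instead of triggering a violation.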


This article is from the "Liu Fengyuan" blog; reprinting is declined.
