Practice: CISCO Switch Port Security (1)

We have explained a lot about the configurations of CISCO switches. Here we will mainly explain the port security configurations of CISCO 3550 switches. Scenario: There is a CISCO3550 switch in a certain unit. For the sake of network security, the security requirements for some ports are high, that is, only the specified host can be connected, for example, if you set up an office, only one laptop can access the network. When you take the laptop out, even if the network interface is blank, other computers cannot use the network cable. Next we will look at how network managers gradually achieve this requirement.

I. How to Determine the vswitch port disconnection status

As a network administrator, before applying new functions, you must first pass the test. To ensure the stable operation of the network, you can only test new functions on idle ports. It is a way to find an idle port and view it directly before the switch. Of course, as a senior Network Administrator, this is generally not the case, we can find the answer we need by executing corresponding commands on the vswitch. I used the show inter command in the past, but this command displays too much information, which seems inconvenient. Now I am using the show inter status Command, this command displays the disconnected status of each port one by one (expressed by "connected" and "notconnect ), in this example, I found an idle Port 3 through this command for subsequent testing.

3550 # show inter status
Port Name Status Vlan Duplex Speed Type
Fa0/3 huangtun notconnect 66 autoauto 10/100 BaseTX