Configure Cisco Port Security on Cisco switch (COMPLETE GUIDE)

Опубликовано: 29 Сентябрь 2024
на канале: Ferds Tech Channel

2,596

Port Security - You can use the port security feature to restrict input to an interface by limiting and identifying MAC addresses of the stations allowed to access the port.

Types of Secure MAC Addresses
1. Static secure MAC addresses
2. Dynamic secure MAC addresses
3. Sticky secure MAC addresses

Security Violation Mode Actions
1. Protect
2. Restrict
3. Shutdown
4. Shutdown vlan

#########
ENABLING
#########

**SW1**
conf t
interface FastEthernet0/1
switchport mode access
switchport port-security
switchport port-security maximum 1
switchport port-security violation shutdown
switchport port-security aging time 1
end
wr
!
conf t
interface FastEthernet0/2
switchport mode access
switchport port-security
switchport port-security maximum 1
switchport port-security violation shutdown
switchport port-security mac-address sticky
switchport port-security aging time 1
end
wr
conf t
interface FastEthernet0/3
switchport mode access
switchport port-security
switchport port-security maximum 1
switchport port-security violation shutdown
switchport port-security mac-address 0060.2F9A.30E4
switchport port-security aging time 1
end
wr

#########
VERIFYING
#########
show run
show port-security
show port-security address

show port-security interface FastEthernet0/1
show port-security interface FastEthernet0/2
errdisable recovery cause psecure-violation

########
TESTING
########
1. Remove and connect a different PC to int Fa0/2.
2. Port should go into error disabled state. show interface status to verify.
3. Connect the original laptop.
4. Shut and no shut the port to resolve the issue.

References:
Chapter: Port Security
https://www.cisco.com/c/en/us/td/docs...

#ccna #cisco #ccnp #networking