Port Security On Cisco Switch
In this article we learn how to configure port security on a Cisco switch. Port security is an important way to enhance network security: by default all ports on a Cisco switch are open, so any person can connect a device and intentionally carry out harmful activity. To prevent this, the network admin binds the MAC address to the switch port and sets the violation mode.
Lab Diagram
Figure: Configure port security on a Cisco switch using Packet Tracer via switch port
In the above diagram, pc0, pc1 and pc2 are connected in sequence to fa0/1, fa0/2 and fa0/3 of the switch. When we connect pc3 to port fa0/1 of the switch, port fa0/1 will be shut down as per the configuration.
Configuring port security on Cisco switch
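Now it is time to configure port security on the Cisco switch. Port security only takes effect once the interface is a static access port and the feature is enabled with the bare switchport port-security command, so both are entered before the limit, violation mode and sticky learning are set.
Switch#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#int fa0/1
Switch(config-if)#switchport mode access
Switch(config-if)#switchport port-security
Switch(config-if)#switchport port-security maximum 1
Switch(config-if)#switchport port-security violation shutdown
Switch(config-if)#switchport port-security mac-address sticky
Switch(config-if)#exit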
Verify the configuration of port security on Cisco switch
To verify the configuration of port security on the Cisco switch, execute the following command. After executing the command we get the MAC addresses.
Switch#show mac-address-table
          Mac Address Table
-------------------------------------------
Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
The above output contains no entries. After pinging from pc0 to pc1, the mac-address-table shows the learned addresses.
Packet Tracer PC Command Line 1.0
C:\>ping 192.168.1.3

Pinging 192.168.1.3 with 32 bytes of data:

Reply from 192.168.1.3: bytes=32 time=15ms TTL=128
Reply from 192.168.1.3: bytes=32 time=1ms TTL=128
Reply from 192.168.1.3: bytes=32 time<1ms TTL=128
Reply from 192.168.1.3: bytes=32 time<1ms TTL=128

Ping statistics for 192.168.1.3:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 15ms, Average = 4ms
After pinging from pc0 to pc1 we get the MAC address table output:
Switch#show mac-address-table
          Mac Address Table
-------------------------------------------
Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
   1    0002.16c5.9b76    DYNAMIC     Fa0/1
   1    0060.5c47.175d    DYNAMIC     Fa0/2
When we connect pc3 to port fa0/1 of the switch, the maximum limit is exceeded, so the port goes into violation and is shut down. That's why, when we try to ping from pc3 to pc1, we get the “Request timed out” output.
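To check that every port in a saved configuration actually enforces the settings used in this lab, the following added example (not part of the original article) audits interface stanzas from show running-config output. The function name audit_port_security and the sample configuration are assumptions constructed for illustration; the audit relies on IOS leaving default values (maximum 1, violation shutdown) out of the running configuration.

```python
import re

# Constructed `show running-config` excerpt (sample data, not from the original page).
SAMPLE_CONFIG = """\
interface FastEthernet0/1
 switchport mode access
 switchport port-security
 switchport port-security mac-address sticky
!
interface FastEthernet0/2
 switchport mode access
 switchport port-security mac-address sticky
!
interface FastEthernet0/3
 switchport mode access
 switchport port-security
 switchport port-security maximum 5
 switchport port-security violation protect
"""

def audit_port_security(config, max_allowed=1):
    """Return {interface: [findings]} for ports that deviate from the lab policy."""
    findings = {}
    # Each stanza starts with "interface <name>" in column 0; sub-commands are indented.
    for stanza in re.split(r"(?m)^(?=interface )", config):
        lines = stanza.splitlines()
        if not lines or not lines[0].startswith("interface "):
            continue
        name = lines[0].split(None, 1)[1]
        body = [cmd.strip() for cmd in lines[1:] if cmd.startswith(" ")]
        issues = []
        # Sub-options alone do nothing; the bare command is what turns the feature on.
        if "switchport port-security" not in body:
            issues.append("port security not enabled")
        maximum, violation = 1, "shutdown"  # IOS defaults when the line is absent
        for cmd in body:
            m = re.fullmatch(r"switchport port-security (maximum|violation) (\S+)", cmd)
            if m and m.group(1) == "maximum":
                maximum = int(m.group(2))
            elif m:
                violation = m.group(2)
        if maximum > max_allowed:
            issues.append(f"maximum {maximum} exceeds {max_allowed}")
        if violation != "shutdown":
            issues.append(f"violation mode is {violation}")
        if issues:
            findings[name] = issues
    return findings

if __name__ == "__main__":
    print(audit_port_security(SAMPLE_CONFIG))
```

In the sample, Fa0/2 is flagged because sticky learning is configured without the feature being enabled, and Fa0/3 because it allows five addresses and silently drops violating traffic instead of shutting the port down.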