icnd1:switchport_security

Differences

This shows you the differences between two versions of the page.

icnd1:switchport_security [2024/04/30 03:57]
114.119.149.71 old revision restored (2017/08/01 00:34)
icnd1:switchport_security [2024/05/21 02:45] (current)
114.119.145.194 old revision restored (2023/10/11 17:59)
Line 3: Line 3:
 An attempt at securing the physical ports on cisco switches by denying access based on the MAC address of the connected device. Each port has it's own collection of acceptable MAC addresses with which to permit traffic that can be automatically or manually specified as well as the action taken upon violation of the switchport sec configuration. An attempt at securing the physical ports on cisco switches by denying access based on the MAC address of the connected device. Each port has it's own collection of acceptable MAC addresses with which to permit traffic that can be automatically or manually specified as well as the action taken upon violation of the switchport sec configuration.
  
-====Violation Actions:==== +Violation Actions:
-----+
   ***Shutdown** (**DEFAULT**)   ***Shutdown** (**DEFAULT**)
     * Port shuts down immediately. When in error-disabled-state you can ressurect the port with errdisable recovery cause psecure-violation (global config) OR manually toggle up status on the interface with shutdown, no shutdown (int config).     * Port shuts down immediately. When in error-disabled-state you can ressurect the port with errdisable recovery cause psecure-violation (global config) OR manually toggle up status on the interface with shutdown, no shutdown (int config).
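Review bot: The `+Violation Actions:` line drops the `====` heading markup and the `----` rule beneath it, so this section stops being a heading while `===== Configuration =====` in the next hunk still is one; keep `====Violation Actions:====` so the page structure stays consistent. In the unchanged text around it, "it's own collection" should be "its own collection", "ressurect" should be "resurrect", and the recovery commands (`errdisable recovery cause psecure-violation`, `shutdown`, `no shutdown`) would be easier to pick out in monospace.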
Line 13: Line 12:
 ===== Configuration ===== ===== Configuration =====
 ---- ----
-Switchport security cannot be enabled on dynamic port types.+Switchport security 
  
-  *Int FA01 
-  *swport mode access 
-  *enable port sec 
-  *port sec max address to store is 1 
-  *mac-addres stick, auto learn the next mac address on this port. 
-  *violation mode set to shutdown. 
-  *Show command to verify configuration on fa0/1. 
 <code> <code>
 Switch(config)#interface fastEthernet 0/1 Switch(config)#interface fastEthernet 0/1
-Switch(config-if)#switchport mode access  
-Switch(config-if)#switchport port-security  
-Switch(config-if)#switchport port-security maximum 1 
-Switch(config-if)#switchport port-security mac-address sticky  
-Switch(config-if)#switchport port-security violation shutdown 
-Switch(config-if)#do show port int fa0/1 
 </code> </code>
- 
-==== Notes ==== 
-  * With **''switchport port-security''** **enabled**, the incoming frames (that aren't dropped) will be recorded as STATIC in the MAC table. 
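Review bot: The Configuration section is left with the fragment `Switchport security` and a code block containing only `Switch(config)#interface fastEthernet 0/1`, so after this change the page never actually enables port security on the port. Restore the removed sentence "Switchport security cannot be enabled on dynamic port types." together with the removed `switchport mode access`, `switchport port-security`, `maximum 1`, `mac-address sticky` and `violation shutdown` lines, since the access-mode step is what that sentence calls for. The removed Notes entry about accepted frames being recorded as STATIC in the MAC table is also lost and is worth keeping. If the step list comes back, fix "mac-addres stick" and spell out the abbreviated `do show port int fa0/1` as `do show port-security interface fastEthernet 0/1` so it can be typed as written.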
icnd1/switchport_security.1714449469.txt.gz · Last modified: 2024/04/30 03:57 by 114.119.149.71