Port Security is a very useful feature that can be used to limit access to switch ports. It means you can bind the MAC address and also
you can limit the mac address which are authorized .
•Static, authorized MAC addresses can be pre-configured
Port-Security Violations
Protect:- This violent mode silently discard the frame , if the source MAC is the authorized user.
Restrict:- This Violent mode discard the frame but it logs the record .
Switch port-security:- If you only run this command , It means it will learn the first MAC address dynamically and that would be the only MAC is allowed on that port , When second MAC comes it will shutdown the port .
Switch port-security violation restrict:- If you set it to the restrict ,it will discard the frames but it will not make shutdown the port instead it will log the record of violation , means how many times there is a violation on the port .
Switch
port-security maximum 3 :-if you set the maximum
with a value 3, it means you are going to allowed maximum 3 mac address on the
port .Statically or dynamically .
Switch
port-security mac-address sticky:-It will
learn the mac address dynamically and then it will show un in running
configuration , and if we save it using write memory then those MAC address
will be authorized as long as there is
an entry .
interface fa0/1
switchport mode access
switchport access vlan 101
switchport port-security
switchport port-security violation restrict
switchport port-security mac-address 0022.6732.8d32 vlan access
Verifications.
Switch#show port-security
Switch#show port-security interface fa0/1
Switch#show port-security address
No comments:
Post a Comment