What is port security?
The Port Security feature remembers the Ethernet MAC address connected to the switch port and allows only that MAC address to communicate on that port. If any other MAC address tries to communicate through the port, port security will disable the port. Most of the time, network administrators configure the switch to send an SNMP trap to their network monitoring solution reporting that the port has been disabled for security reasons.
How to enable port security
|
Switch# config t
Switch(config)# int fa0/18
Switch(config-if)# switchport port-security ?
  aging        Port-security aging commands
  mac-address  Secure mac address
  maximum      Max secure addresses
  violation    Security violation mode
Switch(config-if)# switchport port-security
Switch(config-if)#^Z
|
You can also configure port security on a range of ports.
|
Switch# config t
Switch(config)# int range fastEthernet 0/1 - 24
Switch(config-if)# switchport port-security
Switch(config-if)#^Z
|
SNMP Trap?
|
TBA
|
Show port security status of switch ports
|
Switch# show port-security address
|
The output should look something like this.
|
Switch#sh port-security address
Secure Mac Address Table
------------------------------------------------
Vlan  Mac Address     Type              Ports
 116  0013.d333.9007  SecureSticky      Fa1/1
 116  001a.6b61.5274  SecureSticky      Fa1/2
 990  0000.0000.0001  SecureConfigured  Fa1/4
 116  0016.41ef.4b5b  SecureSticky      Fa1/5
 148  0000.74ad.e544  SecureSticky      Fa1/6
 136  0013.d333.9bef  SecureSticky      Fa1/7
 990  0000.0000.0002  SecureConfigured  Fa1/8
 116  0013.d333.955f  SecureSticky      Fa1/9
 990  0000.0000.0003  SecureConfigured  Fa1/10
 116  0016.1789.9d9f  SecureSticky      Fa1/12
 116  000d.60c1.f423  SecureSticky      Fa1/14
 116  0013.d333.ab4d  SecureSticky      Fa1/15
|
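For auditing a saved copy of this output, here is an added example (not part of the original post): a small Python parser that counts entries by type and lists any MAC address secured on more than one port, the situation the note further down about moving a MAC address between ports describes. The function names are hypothetical, and the sample text is constructed from rows shown above plus one made-up duplicate.

```python
import re
from collections import Counter, defaultdict

# One table row: VLAN, dotted-hex MAC, entry type, port.
# findall() also copes with output pasted onto a single line.
ROW = re.compile(
    r"\b(\d+)\s+((?:[0-9a-f]{4}\.){2}[0-9a-f]{4})\s+(Secure\w+)\s+(\S+)",
    re.IGNORECASE,
)

def parse_secure_macs(text):
    """Return one dict per secure MAC entry found in the text."""
    return [
        {"vlan": int(v), "mac": m.lower(), "type": t, "port": p}
        for v, m, t, p in ROW.findall(text)
    ]

def macs_on_multiple_ports(entries):
    """Map each MAC secured on more than one port to its sorted port list."""
    ports = defaultdict(set)
    for e in entries:
        ports[e["mac"]].add(e["port"])
    return {mac: sorted(p) for mac, p in ports.items() if len(p) > 1}

def count_by_type(entries):
    """Count entries per type (SecureSticky, SecureConfigured, ...)."""
    return dict(Counter(e["type"] for e in entries))

# Constructed sample: rows taken from the output above, plus one made-up
# duplicate (0013.d333.9007 on Fa1/3) to exercise the duplicate check.
SAMPLE = """\
Vlan  Mac Address     Type              Ports
 116  0013.d333.9007  SecureSticky      Fa1/1
 116  001a.6b61.5274  SecureSticky      Fa1/2
 116  0013.D333.9007  SecureSticky      Fa1/3
 990  0000.0000.0001  SecureConfigured  Fa1/4
"""

if __name__ == "__main__":
    entries = parse_secure_macs(SAMPLE)
    print(count_by_type(entries))
    for mac, ports in macs_on_multiple_ports(entries).items():
        print(f"{mac} is secured on {', '.join(ports)}")
```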
Clear port security
There are a few ways you can clear port security.
|
Console> (enable) clear port security 4/1 00-11-22-33-44-55
00-11-22-33-44-55 cleared from secure address list list for port 4/1.
|
|
Switch# clear port-security sticky interface fa 0/1
|
Note: When a port is in the disabled state (err-disable), in most cases you need to shut down the interface and bring it back up.
Note: If a MAC address is registered on a port and you still want to assign this MAC address to another port in the same switch, I got into so much trouble by doing this. In my experience you cannot allocate 2 ports the same MAC address. You need to clear the port security and shut down one interface and assign the MAC address to the other port.
Cisco Reference: http://supportwiki.cisco.com/ViewWiki/index.php/How_to_configure_port_security_on_Cisco_Catalyst_switches_running_CatOS
| Command | Description |
| Ctrl-A | Jumps to the first character of the command line |
| Ctrl-E | Jumps to the end of the current command line |
| Ctrl-F | Moves the cursor forward one character |
| Ctrl-B | Moves the cursor back one character |
| Esc B | Moves the cursor back one word |
| Esc D | Deletes all from the cursor position to the end of the word |
| Ctrl-D | Deletes the character at the cursor |
| Ctrl-K | Deletes everything from the cursor position to the end of the line |
| Ctrl-W | Deletes the last word typed |
| Ctrl-U, Ctrl-X | Deletes everything from the cursor position to the beginning |
| Ctrl-N | Displays the next command line in the history buffer |
| Ctrl-P | Displays the previous command line in the history buffer |
| Ctrl-L | Repeats the current command line on a new line |
| Ctrl-C | Escapes and terminates prompts and tasks |