VLANs and Trunks (CCNA,CCNP)

What is a VLAN?

VLAN Diagram

What is a Native VLAN?

Native VLAN must be the same on both trunk ends?

What is a TRUNK?

What is DTP (Dynamic Trunking Protocol)

Basic Configuration of a VLAN 

Show commands associated

Switch Port Security

What is port security?

The Port Security feature remembers the Ethernet MAC address connected to the switch port and allows only that MAC address to communicate on that port. If any other MAC address tries to communicate through the port, port security will disable the port. Most of the time, network administrators configure the switch to send a SNMP trap to their network monitoring solution that the port’s disabled for security reasons.


How to enable port security


Switch)# config t

Switch(config)# int fa0/18

Switch(config-if)# switchport port-security ?

            aging                            Port-security aging commands

            mac-address                             Secure mac address

            maximum                      Max secure addresses

            violation                         Security violation mode



Switch(config-if)# switchport port-security




You can also configure port security on a range of ports.


Switch)# config t

Switch(config)# int range fastEthernet 0/1 – 24

Switch(config-if)# switchport port-security




SNMP Trap?







Show port security status of switch ports


Switch)# show port-security address

The output should look something like this.


Switch#sh port-security address


Secure Mac Address Table


Vlan    Mac Address                Type                            Ports

116       0013.d333.9007             SecureSticky                 Fa1/1     

116       001a.6b61.5274             SecureSticky                 Fa1/2     

990       0000.0000.0001             SecureConfigured         Fa1/4     

116       0016.41ef.4b5b              SecureSticky                 Fa1/5     

148       0000.74ad.e544             SecureSticky                 Fa1/6     

136       0013.d333.9bef              SecureSticky                 Fa1/7     

990       0000.0000.0002             SecureConfigured         Fa1/8     

116       0013.d333.955f              SecureSticky                 Fa1/9     

990       0000.0000.0003             SecureConfigured         Fa1/10    

116       0016.1789.9d9f              SecureSticky                 Fa1/12    

116       000d.60c1.f423              SecureSticky                 Fa1/14    

116       0013.d333.ab4d             SecureSticky                 Fa1/15    

Clear port security


There are few ways you can clear port securities.


Console> (enable) clear port security 4/1 00-11-22-33-44-55


00-11-22-33-44-55 cleared from secure address list list for port 4/1.


Console> (enable) clear port security sticky interface fa 0/1



Note: When port is in the disable mode (err- disable), in most cases you need to shutdown the interface and bring it up.


Note: if a MAC address is registered on a port and if you still want to assign this MAC address to another port in the same switch, I got in to so much trouble by doing this. In my experience you can not allocate 2 ports the same MAC address. You need to clear the port security and shut down one interface and assign the MAC address to the other port.


Cisco Reference: http://supportwiki.cisco.com/ViewWiki/index.php/How_to_configure_port_security_on_Cisco_Catalyst_switches_running_CatOS

Command-Line Editing Keystrokes




Jumps to the first character of the command line


Jumps to the end of the current command line


Moves the cursor forward one character


Moves the cursor back one character

Esc B

Moves the cursor back one word



Esc D

Deletes all from the cursor position to the end of the word


Deletes the character at the cursor


Deletes everything from the cursor position to the end of the line


Deletes the last word typed

Ctrl-U, Ctrl-X

Deletes everything from the cursor position to the beginning




Displays the next command line in the history buffer


Displays the previous command line in the history buffer




Repeats the current command line on a new line


Escapes and terminates prompts and tasks