VLANs and Trunks (CCNA,CCNP)

What is a VLAN?

VLAN Diagram

What is a Native VLAN?

Native VLAN must be the same on both trunk ends?

What is a TRUNK?

What is DTP (Dynamic Trunking Protocol)

Basic Configuration of a VLAN 

Show commands associated

Switch Port Security

What is port security?

The Port Security feature remembers the Ethernet MAC address connected to the switch port and allows only that MAC address to communicate on that port. If any other MAC address tries to communicate through the port, port security will disable the port. Most of the time, network administrators configure the switch to send a SNMP trap to their network monitoring solution that the port’s disabled for security reasons.

 

How to enable port security

 

Switch)# config t

Switch(config)# int fa0/18

Switch(config-if)# switchport port-security ?

            aging                            Port-security aging commands

            mac-address                             Secure mac address

            maximum                      Max secure addresses

            violation                         Security violation mode

 

 

Switch(config-if)# switchport port-security

Switch(config-if)#^Z

 

 

You can also configure port security on a range of ports.

 

Switch)# config t

Switch(config)# int range fastEthernet 0/1 – 24

Switch(config-if)# switchport port-security

Switch(config-if)#^Z

 

 

SNMP Trap?

 

 

TBA

 

 

 

Show port security status of switch ports

 

Switch)# show port-security address

 
The output should look something like this.

 

Switch#sh port-security address

 

Secure Mac Address Table

————————————————————————

Vlan    Mac Address                Type                            Ports

116       0013.d333.9007             SecureSticky                 Fa1/1     

116       001a.6b61.5274             SecureSticky                 Fa1/2     

990       0000.0000.0001             SecureConfigured         Fa1/4     

116       0016.41ef.4b5b              SecureSticky                 Fa1/5     

148       0000.74ad.e544             SecureSticky                 Fa1/6     

136       0013.d333.9bef              SecureSticky                 Fa1/7     

990       0000.0000.0002             SecureConfigured         Fa1/8     

116       0013.d333.955f              SecureSticky                 Fa1/9     

990       0000.0000.0003             SecureConfigured         Fa1/10    

116       0016.1789.9d9f              SecureSticky                 Fa1/12    

116       000d.60c1.f423              SecureSticky                 Fa1/14    

116       0013.d333.ab4d             SecureSticky                 Fa1/15    


Clear port security

 

There are few ways you can clear port securities.

 

Console> (enable) clear port security 4/1 00-11-22-33-44-55

 

00-11-22-33-44-55 cleared from secure address list list for port 4/1.

 

Console> (enable) clear port security sticky interface fa 0/1

 

 

Note: When port is in the disable mode (err- disable), in most cases you need to shutdown the interface and bring it up.

 

Note: if a MAC address is registered on a port and if you still want to assign this MAC address to another port in the same switch, I got in to so much trouble by doing this. In my experience you can not allocate 2 ports the same MAC address. You need to clear the port security and shut down one interface and assign the MAC address to the other port.

 

Cisco Reference: http://supportwiki.cisco.com/ViewWiki/index.php/How_to_configure_port_security_on_Cisco_Catalyst_switches_running_CatOS

Command-Line Editing Keystrokes

Command

Description

Ctrl-A

Jumps to the first character of the command line

Ctrl-E

Jumps to the end of the current command line

Ctrl-F

Moves the cursor forward one character

Ctrl-B

Moves the cursor back one character

Esc B

Moves the cursor back one word

 

 

Esc D

Deletes all from the cursor position to the end of the word

Ctrl-D

Deletes the character at the cursor

Ctrl-K

Deletes everything from the cursor position to the end of the line

Ctrl-W

Deletes the last word typed

Ctrl-U, Ctrl-X

Deletes everything from the cursor position to the beginning

 

 

Ctrl-N

Displays the next command line in the history buffer

Ctrl-P

Displays the previous command line in the history buffer

 

 

Ctrl-L

Repeats the current command line on a new line

Ctrl-C

Escapes and terminates prompts and tasks