If
you want to ensure that only a certain device—for example, a server—is plugged
into a particular switch port, you can configure the MAC address of the server
as a static entry associated with the switch port.
Configure
port security
Configuring
the Port Security feature is relatively easy. In its simplest form, port
security requires going to an already enabled switch port and entering the
port-security Interface Mode command. Here’s an example:
Switch#
config t
Switch(config)#
int fa0/22
Switch(config-if)#
switchport port-security ?
aging
Port-security aging commands
mac-address
Secure mac address
maximum
Max secure addresses
violation
Security violation mode
Switch(config-if)#
switchport port-security
Switch(config-if)#^Z
By
entering the most basic command to configure port security, we accepted the
default settings of only allowing one MAC address, determining that MAC address
from the first device that communicates on this switch port, and shutting down
that switch port if another MAC address attempts to communicate via the port.
But you don’t have to accept the defaults.
You
can also configure port security on a range of ports. Here’s an example:
Switch)#
config t
Switch(config)#
int range fastEthernet 0/1 - 12
Switch(config-if)#
switchport port-security
However,
you need to be very careful with this option if you enter this command on an
uplink port that goes to more than one device. As soon as the second device
sends a packet, the entire port will shut down.
View
the status of port security
Once
you’ve configured port security and the Ethernet device on that port has sent
traffic, the switch will record the MAC address and secure the port using that
address. To find out the status of port security on the switch.
Switch#
show port-security address
Disabling
Port Security in Cisco Switch
Now
we will see an example how to disable port security in cisco security.We have
configured fa0/22 for port security now if you want to disable port security
follow these steps
Switch#
config t
Switch(config)#
int fa0/22
Switch(config-if)#
no switchport port-security
Switch(config-if)#
end
More Cisco Switch Tips You can visit: http://blog.router-switch.com/category/reviews/cisco-switches/
No comments:
Post a Comment