Switchport security associates specific MAC addresses of PCs with specific interfaces on a switch. It gives you the ability to restrict to a switch interface so that only authorised devices can use it. You can define the port action with three different modes : Protect(sends an alert), restrict(discards), shutdown(closes the port)
Implement Port security
Build a simple topology and assign IP addresses to the PCs:
-set the switchport as an access port
-enabled port security
-defined which mac addresses are allowed through the interface (sticky dynamically learns of mac addresses currently connected to the host
Then define the maximum number of MAC addresses that can be received on the switch using the following command switchport port-security maximum 1 (1 is the number that can be changed)
That's the configuration done for fa0/1 we just need to repeat it for Fa0/2. Interface range fa0/1-2 would have done this together to avoid doing two separate configs.
Finally if we ping between the two pcs and run the show port-security interface fa0/1 command on the switch .You can now see the maximum allowed devices, port status and the mac address that has passed through.
No comments:
Post a Comment