Home | Site Map | Cisco How ToNet How To | Wireless |Search | Forums | Services | Donations | Careers | About Us | Contact Us|

How to Configure port security

Cisco Router, Firewall, VPN, SDM, ASA and Switch

How to Configure port security

Postby guest » Tue Jun 05, 2012 4:08 pm

Configuring the Port Security feature is relatively easy. In its simplest form, port security requires going to an already enabled switch port and entering the port-securityInterface Mode command. Here's an example:

Switch)# config t Switch(config)# int fa0/18 Switch(config-if)# switchport port-security ? aging Port-security aging commands mac-address Secure mac address maximum Max secure addresses violation Security violation mode Switch(config-if)# switchport port-security Switch(config-if)#^Z By entering the most basic command to configure port security, we accepted the default settings of only allowing one MAC address, determining that MAC address from the first device that communicates on this switch port, and shutting down that switch port if another MAC address attempts to communicate via the port. But you don't have to accept the defaults.

Of course, you can also configure port security on a range of ports. Here's an example:

Switch)# config t Switch(config)# int range fastEthernet 0/1 - 24 Switch(config-if)# switchport port-security
Tablet and Smartphone Setup Guide
http://www.quicksetupguide.com

Troubleshooting Vista Wireless
http://chicagotech.net/
guest
 
Posts: 10191
Joined: Mon Nov 27, 2006 1:10 pm

Re: How to Configure port security

Postby blin » Mon May 20, 2013 11:01 pm

Some examples:

1. switchport Port-security maximum 2

2. switchport Port-security violation shutdown

3. sh porowt-security
Secure Port MaxSecureAddr CurrentAddr SecurityViolation Security Action
(Count) (Count) (Count)
---------------------------------------------------------------------------
Gi1/0/6 1 0 0 Restrict
---------------------------------------------------------------------------
Total Addresses in System (excluding one mac per port) : 0
Max Addresses limit in System (excluding one mac per port) : 3072

4. switchport Port-security aging time 10 (for 10minutes0

5. show port-security address
Secure Mac Address Table
------------------------------------------------------------------------
Vlan Mac Address Type Ports Remaining Age
(mins)
---- ----------- ---- ----- -------------
------------------------------------------------------------------------
Total Addresses in System (excluding one mac per port) : 0
Max Addresses limit in System (excluding one mac per port) : 3072
How to Configure and Troubleshoot Cisco
http://www.howtocisco.com

Tablet and Smartphone Setup Guide
http://www.quicksetupguide.com
blin
Site Admin
 
Posts: 3605
Joined: Wed Dec 31, 1969 7:00 pm
Location: Chicago, USA

Re: How to Configure port security

Postby blin » Mon May 20, 2013 11:18 pm

6. clear port-security sticky

7. show port-security address
Secure Mac Address Table
------------------------------------------------------------------------
Vlan Mac Address Type Ports Remaining Age
(mins)
---- ----------- ---- ----- -------------
------------------------------------------------------------------------
Total Addresses in System (excluding one mac per port) : 0
Max Addresses limit in System (excluding one mac per port) : 3072
How to Configure and Troubleshoot Cisco
http://www.howtocisco.com

Tablet and Smartphone Setup Guide
http://www.quicksetupguide.com
blin
Site Admin
 
Posts: 3605
Joined: Wed Dec 31, 1969 7:00 pm
Location: Chicago, USA


Return to Cisco

Your Ad Here

Who is online

Users browsing this forum: No registered users and 0 guests