Thursday, 1 May 2014

switchport port-security

About port-security.

To enable / configure port-security on Switch interface

1. Switch port must be access mode. Port security cannot configure in the interface Dynamic Desirable mode.
2. By default, the switchport security feature is disabled on all switchports and must be enabled.

----------------------------------------------------------

>>>   Step 1. checking interface fa0/4 admin mode status

SW#sh interfaces fa0/4 switchport
Name: Fa0/4
Switchport: Enabled
Administrative Mode: dynamic auto
Operational Mode: static access
Administrative Trunking Encapsulation: dot1q

Operational Trunking Encapsulation: native

>>>  Step 2. configuring port security in interface fa0/4

SW(config)#int fa0/4
SW(config-if)#switchport port-security 
Command rejected: FastEthernet0/4 is a dynamic port.

>>>  Step 3. configuring  interface fa0/4 as access port

SW(config)#int fa0/4
SW(config-if)#switchport mode access
SW(config-if)#switchport port-security 
SW(config-if)#end

SW#show port-security interface fastEthernet 0/4
Port Security                 : Enabled
Port Status                    : Secure-up
Violation Mode             : Shutdown

SW#show port-security 
Secure Port MaxSecureAddr CurrentAddr SecurityViolation Security Action
               (Count)       (Count)        (Count)
--------------------------------------------------------------------
        Fa0/4        1          0                 0         Shutdown
----------------------------------------------------------------------

######################  END  #########################

reference from / Further Studies...







No comments:

Post a Comment