Answers: Basic Port Security

Wendell
By Wendell August 21, 2015 09:05

As with all these labs, the answer is straightforward. In this case, the switchport was already an access port, so all you had to do was add the port security configuration. But try the lab yourself first before looking here! The answers sit below the fold.

 

Answers

Example 4: SW3 Config

 

Commentary

First, port security feature only works on static ports. That is, the switch port must be statically configured as an access port or a trunk port. The initial configuration showed SW3’s F0/0 as a static access port, so the only command needed to enable port security on the port was the switchport port-security command.

With that one subcommand configured, SW3 would implement port security on that port. However, with all default settings, the switch would also be operating the wrong way in comparison with the requirements. In particular:

  • By default, only one MAC address is allowed
  • By default, the allowed MAC address is not predefined. Rather, it’s the MAC address of the first frame received once the port comes up.

As a result, the last three commands in the answer are required: one to bump the number of allowed MAC addresses from 1 to 2, and the other two commands to pre-define the MAC addresses that can be used as source MACs in frames that enter SW3’s port F0/0.

 

Basic Port Security
EIGRP and Bandwidth
Wendell
By Wendell August 21, 2015 09:05
Write a comment

No Comments

No Comments Yet!

Let me tell You a sad story ! There are no comments yet, but You can be first one to comment this article.

Write a comment
View comments

Write a comment

Comment; Identify w/ Social Media or Email

Subscribe

Subscribe to our mailing list and get interesting stuff and updates to your email inbox.

Thank you for subscribing.

Something went wrong.

Search

Categories