Always Read for Knowledge

Friday 29 April 2011

CCNA LAB Practice - Port Security


Port Security


Objective


This lab demonstrates the port security mechanism on a switch.

With port security, we can limit the number of MAC addresses allowed on each port and define the action taken on a violation.

Procedure

  1. Enable port security on the interfaces.
  2. Define the maximum number of MAC addresses on the interfaces.
  3. Verify the port security of the interfaces using the show command.
  4. Define a permanent entry for both hosts on the switch.
  5. Ping from Host ‘A’ to Host ‘B’.
  6. Change the interfaces of the hosts and verify the result with the ping command.





Configuration

Step 1: Enable port security on the interfaces.

1900-SWA(config)#int Ethernet 0/1
1900-SWA(config-if)#port secure
1900-SWA(config-if)#exit
1900-SWA(config)#int Ethernet 0/2
1900-SWA(config-if)#port secure

Step 2: Define the maximum number of MAC addresses on the interfaces.

1900-SWA(config)#int Ethernet 0/1
1900-SWA(config-if)#port secure max-mac-count 1
1900-SWA(config-if)#exit
1900-SWA(config)#int Ethernet 0/2
1900-SWA(config-if)#port secure max-mac-count 1

Step 3: Verify the port security of the interfaces using the show command.

1900-SWA#show mac-address-table security

Action upon address violation : Suspend

Interface       Addressing Security   Address Table Size   Clear Address
------------------------------------------------------------------------
Ethernet 0/1    Enabled               1                    No
Ethernet 0/2    Enabled               1                    No
Ethernet 0/3    Disabled              N/A                  No
Ethernet 0/4    Disabled              N/A                  No
<Output Omitted>

Step 4: Define a permanent entry for both hosts.

1900-SWA(config)#mac-address-table permanent 0050.DA23.C9DD e0/1
1900-SWA(config)#mac-address-table permanent 0001.0262.FCC4 e0/2

Step 5: Ping from Host ‘A’ to Host ‘B’.

D:\>ping 10.0.0.2

Pinging 10.0.0.2 with 32 bytes of data:

Reply from 10.0.0.2: bytes=32 time<10ms TTL=128
Reply from 10.0.0.2: bytes=32 time<10ms TTL=128
Reply from 10.0.0.2: bytes=32 time<10ms TTL=128
Reply from 10.0.0.2: bytes=32 time<10ms TTL=128

Ping statistics for 10.0.0.2:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum =  0ms, Average =  0ms

Step 6: Change the interfaces of the hosts and verify the result with the ping command.

D:\>ping 10.0.0.2

Pinging 10.0.0.2 with 32 bytes of data:

Request timed out.
Request timed out.
Request timed out.
Request timed out.

Ping statistics for 10.0.0.2:
    Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum =  0ms, Average =  0ms
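
The Step 3 check can be automated across many switches by parsing the show output. The script below is an added example, not part of the original lab: the function names and the sample text (modelled on the Step 3 output, with Ethernet 0/4 changed to a constructed value) are assumptions.

```python
import re

# Constructed sample, modelled on the Step 3 output of this lab.
SAMPLE = """\
Action upon address violation : Suspend

Interface       Addressing Security   Address Table Size   Clear Address
------------------------------------------------------------------------
Ethernet 0/1    Enabled               1                    No
Ethernet 0/2    Enabled               1                    No
Ethernet 0/3    Disabled              N/A                  No
Ethernet 0/4    Enabled               132                  No
<Output Omitted>
"""

ACTION = re.compile(r"^Action upon address violation\s*:\s*(\S+)")
ROW = re.compile(r"^(?P<port>\S+ \d+/\d+)\s+(?P<state>Enabled|Disabled)"
                 r"\s+(?P<size>\d+|N/A)\s+(?P<clear>Yes|No)$")

def parse_security_table(text):
    """Return (violation_action, rows) from 'show mac-address-table security'."""
    action, rows = None, []
    for line in (raw.strip() for raw in text.splitlines()):
        m = ACTION.match(line)
        if m:
            action = m.group(1)
            continue
        m = ROW.match(line)
        if m:  # header, separator and '<Output Omitted>' lines do not match
            size = None if m.group("size") == "N/A" else int(m.group("size"))
            rows.append({"port": m.group("port"),
                         "enabled": m.group("state") == "Enabled",
                         "max_macs": size})
    return action, rows

def audit(text, max_allowed=1):
    """List ports with port security off or a MAC limit above max_allowed."""
    action, rows = parse_security_table(text)
    findings = [] if action else ["violation action not found in output"]
    for r in rows:
        if not r["enabled"]:
            findings.append(f"{r['port']}: port security disabled")
        elif r["max_macs"] is not None and r["max_macs"] > max_allowed:
            findings.append(f"{r['port']}: MAC limit {r['max_macs']} exceeds {max_allowed}")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)))
```
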
