Port Security

Switches learn source MAC addresses from the frames they forward through their ports. Port security lets you limit how many MAC addresses a port may learn, define static secure MAC addresses, and set what happens when an unauthorized device uses the port. The violation action is one of protect, restrict, or shutdown.

Command and description:

(config-if)# switchport mode {access | trunk}
    Set a static port mode first. Port security cannot be enabled on a port whose mode is negotiated dynamically (DTP).
(config-if)# switchport port-security
    Enable port security on the interface. "no switchport port-security" disables it.
(config-if)# switchport port-security maximum 1
    Maximum number of secure MAC addresses allowed on the port (default 1).
(config-if)# switchport port-security mac-address 1234.5678.9abc
    Statically allow one MAC address on this port. Static entries count toward the maximum.
(config-if)# switchport port-security mac-address sticky
    Convert dynamically learned MACs into sticky secure MACs and write them into the running-config, until the maximum is reached. Save the config or they are lost at reload.
(config-if)# switchport port-security violation shutdown
    Put the port into the err-disabled state when a device beyond the allowed MACs connects (this is the default mode).
(config-if)# shutdown, then (config-if)# no shutdown
    Manually re-enable a port that was err-disabled by a port-security violation.
(config)# errdisable recovery cause psecure-violation
    Automatically re-enable ports err-disabled by port-security violations after the recovery interval. The port is recovered whether or not the offending device is still attached, so it may be err-disabled again.
(config)# errdisable recovery interval 42
    Recovery timer in seconds (default 300); here the switch retries every 42 seconds.
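The commands above are usually reviewed one port at a time. The following is an added example, not code from the page or from Cisco: a small audit that reads a running-config, reconstructs the port-security state of each access port from exactly these commands, and flags the weak settings a reviewer would want to catch. The sample config is constructed; GigabitEthernet1/1 is configured as the cheat sheet describes, the other ports show typical mistakes. The MAX_MACS_ALLOWED threshold and the rule of ignoring trunk ports are assumptions for this example.

```python
"""Audit a Cisco IOS running-config for access-port port-security posture.
Added example, not from the page or from Cisco. Input is the text of
`show running-config`; only interface stanzas and the global errdisable lines are read."""
import re
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple

# Constructed sample: Gi1/1 follows the cheat sheet; Gi1/2 never had port
# security enabled; Gi1/3 allows 8 MACs in the silent "protect" mode; Gi1/4 is
# a trunk uplink and is deliberately out of scope for this check.
SAMPLE_CONFIG = """\
errdisable recovery cause psecure-violation
errdisable recovery interval 42
!
interface GigabitEthernet1/1
 switchport mode access
 switchport port-security
 switchport port-security maximum 1
 switchport port-security violation shutdown
 switchport port-security mac-address sticky
 switchport port-security mac-address sticky 1234.5678.9abc
!
interface GigabitEthernet1/2
 switchport mode access
!
interface GigabitEthernet1/3
 switchport mode access
 switchport port-security
 switchport port-security maximum 8
 switchport port-security violation protect
!
interface GigabitEthernet1/4
 switchport mode trunk
!
"""

MAX_MACS_ALLOWED = 2  # assumption: IP phone plus PC is the most an access port needs


@dataclass
class Port:
    name: str
    mode: Optional[str] = None      # None: default (DTP dynamic) mode, port security impossible
    enabled: bool = False
    maximum: int = 1                # IOS default once port security is enabled
    violation: str = "shutdown"     # IOS default violation mode
    sticky: bool = False
    secure_macs: List[str] = field(default_factory=list)


def parse_config(text: str) -> Tuple[Dict[str, Port], bool]:
    """Return ports keyed by name and whether psecure-violation auto-recovery is on."""
    ports: Dict[str, Port] = {}
    recovery, port = False, None
    for raw in text.splitlines():
        cmd = raw.strip()
        if not raw.startswith(" "):                       # global-config line
            port = Port(cmd[len("interface "):]) if cmd.startswith("interface ") else None
            if port:
                ports[port.name] = port
            recovery = recovery or cmd == "errdisable recovery cause psecure-violation"
            continue
        if port is None:
            continue                                      # indented line outside an interface
        if (m := re.match(r"switchport mode (access|trunk)$", cmd)):
            port.mode = m.group(1)
        elif cmd == "switchport port-security":
            port.enabled = True
        elif (m := re.match(r"switchport port-security maximum (\d+)", cmd)):
            port.maximum = int(m.group(1))
        elif (m := re.match(r"switchport port-security violation (\w+)", cmd)):
            port.violation = m.group(1)
        elif cmd == "switchport port-security mac-address sticky":
            port.sticky = True
        elif (m := re.match(r"switchport port-security mac-address (?:sticky )?([0-9a-f.]+)$", cmd)):
            port.secure_macs.append(m.group(1))           # static or sticky secure MAC
    return ports, recovery


def audit(ports: Dict[str, Port], recovery: bool) -> List[Tuple[str, str]]:
    """Findings as (port name, message) pairs; only access ports are judged."""
    findings: List[Tuple[str, str]] = []
    for p in ports.values():
        if p.mode != "access":
            continue                                      # trunks/dynamic ports: separate policy
        if not p.enabled:
            findings.append((p.name, "port security not enabled on an access port"))
            continue
        if p.violation == "protect":
            findings.append((p.name, "violation mode protect drops silently (no syslog, no counter)"))
        if p.maximum > MAX_MACS_ALLOWED:
            findings.append((p.name, f"maximum {p.maximum} secure MACs exceeds {MAX_MACS_ALLOWED}"))
        if p.violation == "shutdown" and not recovery:
            findings.append((p.name, "shutdown mode without errdisable recovery: needs manual no shutdown"))
    return findings


if __name__ == "__main__": print(audit(*parse_config(SAMPLE_CONFIG)))
```

Running it against the sample reports nothing for GigabitEthernet1/1, "port security not enabled" for GigabitEthernet1/2, and two findings for GigabitEthernet1/3 (protect mode and a maximum of 8). Because the sample config enables errdisable recovery for psecure-violation, no port is flagged for needing a manual no shutdown; remove that global line and GigabitEthernet1/1 is flagged too.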

Port-Security Violation Modes:

Term and definition:
protect
    Drops frames from unknown source MACs once the maximum is reached. No syslog message, no SNMP trap, and the violation counter is not incremented, so nobody is told.
restrict
    Drops the frames, logs a syslog message, sends an SNMP trap, and increments the security-violation counter.
shutdown
    Puts the port into the err-disabled state, sends a trap, and increments the counter (default). Recover with shutdown / no shutdown or with errdisable recovery.

Troubleshooting Port Security:

Command and description:

# show port-security [interface g1/1]
    Without the interface keyword: a summary of all secure ports (max and current MACs, violation count, action). With it: the detailed state of one port, including port status (Secure-up, Secure-down, Secure-shutdown), violation mode, maximum/total/sticky MACs, the last source MAC address and VLAN seen, and the violation count.
# show port-security address
    The secure MAC address table: static, sticky and dynamic entries per port and VLAN.
# show errdisable recovery
    Which err-disable causes recover automatically and the timer interval. Recovery is disabled by default.
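When a user reports a dead port, the per-interface output of show port-security is what tells you whether port security err-disabled it and which MAC tripped it. The following is an added example, not code from the page or from Cisco: it parses that output into a dictionary and produces the facts a responder needs (state, violation count, last offending MAC and VLAN). The sample output is constructed in the "key : value" layout IOS prints for this command (an assumption to confirm on your platform), and the MAC address and VLAN in it are made up.

```python
"""Turn `show port-security interface <port>` output into a triage verdict.
Added example, not from the page or from Cisco. The sample text is constructed."""
import re
from typing import Dict

# Constructed: a port that err-disabled after one violation from an unknown MAC on VLAN 10.
SAMPLE_DETAIL = """\
Port Security              : Enabled
Port Status                : Secure-shutdown
Violation Mode             : Shutdown
Aging Time                 : 0 mins
Aging Type                 : Absolute
SecureStatic Address Aging : Disabled
Maximum MAC Addresses      : 1
Total MAC Addresses        : 1
Configured MAC Addresses   : 0
Sticky MAC Addresses       : 1
Last Source Address:Vlan   : 000c.2911.ab10:10
Security Violation Count   : 1
"""

# Keys are padded with spaces before the colon, so split on the padded " : ";
# this keeps the colon inside the key "Last Source Address:Vlan" intact.
FIELD = re.compile(r"^(.*?)\s+:\s+(.*)$")

# Meaning of the Port Status values IOS reports.
STATUS = {
    "Secure-up": "secure, link up",
    "Secure-down": "secure, link down (nothing connected or port administratively shut)",
    "Secure-shutdown": "err-disabled by a port-security violation",
}


def parse_detail(text: str) -> Dict[str, str]:
    """Key/value pairs from the detail output."""
    fields: Dict[str, str] = {}
    for line in text.splitlines():
        m = FIELD.match(line)
        if m:
            fields[m.group(1)] = m.group(2)
    return fields


def triage(fields: Dict[str, str]) -> Dict[str, object]:
    """What a responder needs: state, counter, mode, and the last offending MAC/VLAN."""
    status = fields.get("Port Status", "")
    count = int(fields.get("Security Violation Count", "0"))
    mac, _, vlan = fields.get("Last Source Address:Vlan", "").partition(":")
    verdict: Dict[str, object] = {
        "err_disabled": status == "Secure-shutdown",
        "state": STATUS.get(status, f"unknown status {status!r}"),
        "violations": count,
        "mode": fields.get("Violation Mode", "").lower(),
        "last_mac": mac or None,
        "vlan": vlan or None,
    }
    # In protect mode the counter is never incremented, so a zero proves nothing.
    if verdict["mode"] == "protect" and count == 0:
        verdict["note"] = "protect mode does not count violations; check the port status and logs instead"
    return verdict


if __name__ == "__main__":
    print(triage(parse_detail(SAMPLE_DETAIL)))
```

For the sample, the verdict says the port is err-disabled after one violation and names 000c.2911.ab10 on VLAN 10 as the last source address, which is the MAC to look up in the switch's MAC table and in your asset inventory before deciding whether to no shutdown the port.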

CCNA Cheatsheet

A CCNA certification proves you have the competencies needed to navigate an ever-changing IT landscape. CCNA exams cover network fundamentals, IP services, security fundamentals, automation, and programmability. Designed for agility and versatility, CCNA proves you have the skills needed to manage and optimize today's most advanced networks. CCNA training courses and exams are the foundation for advancing your career in any direction. A Cisco certification is living proof of the standards and rigor your organization recognizes and trusts to meet and exceed market demands. Here is a cheat sheet for the CCNA examination.
