2.2.4.9 Packet Tracer - Configuring Switch Port Security Instructions - IG


Packet Tracer - Configuring Switch Port Security

Topology

Addressing Table

Device        Interface  IP Address   Subnet Mask
S1            VLAN 1     10.10.10.2   255.255.255.0
PC1           NIC        10.10.10.10  255.255.255.0
PC2           NIC        10.10.10.11  255.255.255.0
Rogue Laptop  NIC        10.10.10.12  255.255.255.0

Objective
Part 1: Configure Port Security
Part 2: Verify Port Security

Background
In this activity, you will configure and verify port security on a switch. Port security allows you to restrict a
port’s ingress traffic by limiting the MAC addresses that are allowed to send traffic into the port.

Part 1: Configure Port Security


a. Access the command line for S1 and enable port security on Fast Ethernet ports 0/1 and 0/2.
S1(config)# interface range fa0/1 - 2
S1(config-if-range)# switchport port-security
b. Set the maximum so that only one device can access the Fast Ethernet ports 0/1 and 0/2.
S1(config-if-range)# switchport port-security maximum 1

© 2013 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 1 of 2

c. Secure the ports so that the MAC address of a device is dynamically learned and added to the running
configuration.
S1(config-if-range)# switchport port-security mac-address sticky
d. Set the violation so that the Fast Ethernet ports 0/1 and 0/2 are not disabled when a violation occurs, but
packets are dropped from an unknown source.
S1(config-if-range)# switchport port-security violation restrict
e. Disable all the remaining unused ports. Hint: Use the range keyword to apply this configuration to all the
ports simultaneously.
S1(config-if-range)# interface range fa0/3 - 24 , g0/1 - 2
S1(config-if-range)# shutdown
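
One way to check the result of steps a through e offline, as an added example that is not part of the Cisco lab: a Python audit of saved show running-config text against the settings this part asks for. The sample configuration, the SECURED set and the function names are constructed for illustration.

```python
import re

# Constructed running-config excerpt for illustration (not output from the lab switch).
SAMPLE_CONFIG = """\
interface FastEthernet0/1
 switchport port-security
 switchport port-security mac-address sticky
 switchport port-security violation restrict
 switchport port-security mac-address sticky 00AA.BBCC.0001
!
interface FastEthernet0/2
 switchport port-security
 switchport port-security mac-address sticky
!
interface FastEthernet0/3
 shutdown
!
interface FastEthernet0/4
"""
SECURED = {"FastEthernet0/1", "FastEthernet0/2"}  # ports the lab secures
PS = "switchport port-security"
REQUIRED = {PS: "port security not enabled",
            PS + " mac-address sticky": "sticky learning not enabled",
            PS + " violation restrict": "violation mode is not restrict"}

def parse_interfaces(config):
    """Map each interface name to the list of its sub-commands."""
    interfaces, current = {}, None
    for line in config.splitlines():
        if line.startswith("interface "):
            current = interfaces.setdefault(line.split()[1], [])
        elif line.startswith(" ") and current is not None:
            current.append(line.strip())
        else:
            current = None
    return interfaces

def audit(config, secured=SECURED):
    """Return (interface, finding) pairs where the config deviates from the lab's settings."""
    findings = []
    for name, cmds in parse_interfaces(config).items():
        if name.startswith("Vlan"):
            continue
        wanted = REQUIRED if name in secured else {"shutdown": "unused port is not shut down"}
        findings += [(name, msg) for cmd, msg in wanted.items() if cmd not in cmds]
        # IOS omits defaults: an absent 'maximum' line means the default of 1.
        m = re.search(PS + r" maximum (\d+)", "\n".join(cmds))
        if name in secured and m and m.group(1) != "1":
            findings.append((name, "maximum is %s, lab requires 1" % m.group(1)))
    return findings
```

On the sample, audit(SAMPLE_CONFIG) flags FastEthernet0/2 for the missing restrict mode (the IOS default is shutdown) and FastEthernet0/4 for being left enabled.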

Part 2: Verify Port Security

a. From PC1, ping PC2.
b. Verify port security is enabled and the MAC addresses of PC1 and PC2 were added to the running
configuration.
c. Attach Rogue Laptop to any unused switch port and notice that the link lights are red.
d. Enable the port and verify that Rogue Laptop can ping PC1 and PC2. After verification, shut down the
port connected to Rogue Laptop.
e. Disconnect PC2 and connect Rogue Laptop to PC2’s port. Verify that Rogue Laptop is unable to ping
PC1.
f. Display the port security violations for the port Rogue Laptop is connected to.
S1# show port-security interface fa0/2

g. Disconnect Rogue Laptop and reconnect PC2. Verify PC2 can ping PC1.
h. Why is PC2 able to ping PC1, but the Rogue Laptop is not?
The port that was enabled allows access to only one device, the first one whose MAC address was
learned, and prevents access by other devices.