Вы можете управлять доступом к порту вашего коммутатора. Например, вы можете управлять тем, кто может получить доступ к определенному интерфейсу коммутатора или сколько устройств может быть подключено к определенному интерфейсу коммутатора. Существует функция под названием Switch Port Security, которая позволяет вам это сделать. В этом упражнении мы объясним, как настроить безопасность порта коммутатора.
In the following figure, the first command shows the sub-commands that are used to configure switch port related options. The second command shows the sub-commands that are used to configure port security related options.
Configuration
We will use the following topology to configure switch port security. Create the following topology in Cisco Packet Tracer.
1. First of all open the Command Prompt of PC1 and execute the ipconfig /all command and note down its MAC address.
2. Next, switch to the interface on which you want to implement port security. For example interface Fa0/ 1.
Switch( config)# interface fa0/ 1
3. Next, execute the following commands to enable the access mode and port security feature.
Switch1( config-if)# switchport mode access
Switch1( config-if)# switchport port-security
4. Next, execute the following commands to bind the MAC address that you want to allow to access this interface and to set the maximum number of MAC addresses to this interface.
Switch1( config-if)# switchport port-security mac-address 00D0. BC9A. 42DC
Switch1( config-if)# switchport port-security maximum 1
5. Next, execute the following commands to set the violation policy and exit from the interface configuration mode.
Switch1( config-if)# switchport port-security violation shutdown
Switch1( config-if)# exit
Switch1( config)# exit
6. The following figure shows the port-security configuration options.
7. Next, execute the following command to show the MAC addresses associated with the interfaces, as shown in the following figure.
Switch# show port-security address
8. The following figure port-security configuration example.
9. Next, execute the following command to show the port security settings of the interface Fa0/ 1, as shown in the following figure.
Switch# show port-security interface 0/ 1
