5.2.2.7 Packet Tracer - Configuring Switch Port Security

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
- so welcome to all in this video we are going to see the packet tracer activity configuring switch port security from CCNA routing and switching in this activity we are going to configure port security and finally we are going to verify port security we will come to a path to one configure a port security access the command line for s1 and enable port security on Fast Ethernet ports 0 / 1 and 0 / 2 we will configure this on s1 we will come to s1 enable configure terminal and 2 here we are going to the interface fastethernet 0/1 as well as 0 / 2 so we are here we are going to use a range command first aprender to 0 / 1 - 2 and we are going to give switch to port port security now we enable the port security next e says set the maximum so that only one device can access the Fast Ethernet port 0 / 1 and 0 / 2 so here we are going to set the poor security maximum as 1 coming to switch yes here we are going to set that switch port we have a port security maximum yes we can give one yes next is a secure the port so that the MAC address of a device is a dynamically learnt and added to the running configuration yes we will do this now using my cutoff sticky coming to s1 here we are going to give a support for security we have my cut chose the sticky next Issa said the violation so that the faster toner 2 ports 0 / 1 & 0 / 2 are not disabled when a violation occurs but packets are dropped from an unknown source yes so we are going to set the violation as a restrict so we are going to do that support for security we have violation as a restrict s disable all the remaining unused ports in say user range keyword to apply this configuration to all the ports simultaneously yes so we are going to disable faster third 0 / 3 to 24 and we got the two gigabit ethernet interface we are going to disable all these coming to suits okay here we'll exit and we will give interface range we have faster 3rd + 2 0 / 3 till 24 yeah also we have a Gigabit Ethernet 1 / 1 till 2 ok interface range not violated command rejected okay we will verify the interfaces so here I am going to use a do show IP interface brief yes here we can see the interface yes we have gigabit a 10 to 0 / 1 & 0 / 2 you will go to interface range faster / not 0 / 3 - 24 and we'll go to Gigabit Ethernet 0 / 1 - 2 and we will return it yes now we will come to a party to verify port security from pc1 pink PC - okay we will come to PC one and we will check the IP address or for PC two years here it is you are going to pink pink - the IP address off PC - we are getting to replay next year so verify port security is enabled and to the MAC addresses of pc1 & pc2 we're added to the running configuration yes we will come to that coming - yes 1 we will give show running config and here we can see the details yes here we can see that switch port for security and the micro trophy is here so this is the MAC address or for PC 1 and here we can see this is a MAC address offer the PC - even we can verify that coming to PC one command prom - here we can see yes here we can see the MAC address of PC 1 B 0 - 7 - 2 4 5 veces 0 yes 2 2 4 5 correct next is attached rogue laptop - any unused to support and you notice that the link lights are red obviously because except faster than 0 / 1 & 0 / - we shut down we will verify that from this laptop - I am going to connect to faster third at 0 / 3 yes here we can see that the lights are in a red next ISA enabled the port and to verify that rogue laptop can ping pc1 & pc2 after verification shut down the port connected to a rogue laptop okay we will enable I mean yes we will enable this water which is a connected to faster than or to 0 / 3 so we will come to the interface before that configure terminal interface fastethernet 0/0 and we will give no command yes now we can see here this interface is up now we will pink pc1 & pc2 from rogue laptop we will take the IP address of a PC one so here we are going to ping to PC one yes we are getting the replay now will ping to PC - yes here we can see we are getting the replay now we will shut down the port connected to rogue laptop so we are going to shut down this yes next is disconnect to PC - and connect a rogue laptop to pcs pause I mean PC to sport port verify that a rogue laptop is unable to pink PC one so here we are going to disconnect PC - and we are going to connect to a rogue laptop we will do that before I am going to remove this and we are going to connect to this laptop now we are going to pink - PC one from this rogue laptop yes here it is we are waiting for the reply no it seems to be yes request timed out we are not getting the reply from a PC one we can see that the pink failed next is a display the poor security violation so for the throat rogue laptop is connected to yes this a rogue laptop is now connected to faster turn or to 0/2 we will verify that - coming - yes one okay we will give the show command for security interface interface name is faster current 0/2 and here we can see maximum MacArthur Fellow ds1 total MAC address is 1 yes and we can see sticky MAC address ok security violation count yes here we can see disconnect rogue laptop and reconnect to PC to verify PC - can ping PC 1 yes we will come back to PC 2 now ok and to be how to ping to PC 1 coming here we are going to pink 10 dirt and dirt will turn Doulton yes we are getting the reply hunter here is the last one question why is PC 2 able to ping PC 1 but the rogue laptop is not yes the poor security that was enabled on the port only allowed the device whose Mac my I mean who's Mac was land first so we can see that the PC to my cut Rose is a learned and rogue when we connect rogue laptop it will prevent communicating with other pieces so access to the port while preventing all other device access yes a friend saw this packet restore activity was empowered to configuring such port security if you have any doubt please comment below also if you like to get my future video information into your gmail we can subscribe my channel right now thank you
Info
Channel: Tech Acad
Views: 87,310
Rating: undefined out of 5
Keywords: Port Security
Id: ubX-boUrG6A
Channel Id: undefined
Length: 11min 25sec (685 seconds)
Published: Sun Jun 11 2017
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.