11.1.10 Packet Tracer – Implement Port Safety (Teacher Model)
|Gadget||Interface||IP Handle||Subnet Masks|
|Rogue Laptop computer||NIC||10.10.10.12||255.255.255.0|
- Half 1: Configure Port Safety
- Half 2: Confirm Port Safety
On this exercise, you’ll configure and confirm port safety on a change. Port safety lets you prohibit a port’s ingress visitors by limiting the MAC addresses which are allowed to ship visitors into the port.
Step 1: Configure Port Safety
a. Entry the command line for S1 and allow port safety on Quick Ethernet ports 0/1 and 0/2.
S1(config)# interface vary f0/1 – 2 S1(config-if-range)# switchport port-security
b. Set the utmost in order that just one system can entry the Quick Ethernet ports 0/1 and 0/2.
S1(config-if-range)# switchport port-security most 1
c. Safe the ports in order that the MAC deal with of a tool is dynamically realized and added to the operating configuration.
S1(config-if-range)# switchport port-security mac-address sticky
d. Set the violation mode in order that the Quick Ethernet ports 0/1 and 0/2 usually are not disabled when a violation happens, however a notification of the safety violation is generated and packets from the unknown supply are dropped.
S1(config-if-range)# switchport port-security violation prohibit
e. Disable all of the remaining unused ports. Use the vary key phrase to use this configuration to all of the ports concurrently.
S1(config-if-range)# interface vary f0/3 - 24 , g0/1 - 2 S1(config-if-range)# shutdown
Step 2: Confirm Port Safety
a. From PC1, ping PC2.
b. Confirm that port safety is enabled and the MAC addresses of PC1 and PC2 have been added to the operating configuration.
S1# present run | start interface
c. Use port-security present instructions to show configuration data.
S1# present port-security S1# present port-security deal with
d. Connect Rogue Laptop computer to any unused change port and spot that the hyperlink lights are crimson.
e. Allow the port and confirm that Rogue Laptop computer can ping PC1 and PC2. After verification, shut down the port related to Rogue Laptop computer.
f. Disconnect PC2 and join Rogue Laptop computer to F0/2, which is the port to which PC2 was initially related. Confirm that Rogue Laptop computer is unable to ping PC1.
g. Show the port safety violations for the port to which Rogue Laptop computer is related.
S1# present port-security interface f0/2
What number of violations have occurred?
h. Disconnect Rouge Laptop computer and reconnect PC2. Confirm PC2 can ping PC1.
Why is PC2 capable of ping PC1, however the Rouge Laptop computer is just not?
Obtain PDF & PKA file: