PORT SECURITY VIOLATION - SWITCHTECH #16

 

PORT SECURITY VIOLATION - SWITCHTECH


Perhatikan topologi berikut ini,


pertama Cek nilai mac address F0/0 Router R1,

R1
Router(config)#do show int f0/0 | i address
Hardware is Gt96k FE, address is 0021.d831.1bda (bia 0021.d831.1bda)

Konfigurasikan port-security 

SW-1
Switch(config)#interface FastEthernet1/0/1 
Switch(config-if)#switchport mode access 
Switch(config-if)#switchport port-security
Switch(config-if)#switchport port-security mac-address 0021.d831.1bda

Verifikasi, 

SW-1
Switch#show port-security interface f1/0/1 
Port Security : Enabled
Port Status : Secure-up Violation 
Mode : Shutdown Aging Time : 0 mins 
Aging Type : Absolute Secure Static 
Address Aging : Disabled Maximum 
MAC Addresses : 1
Total MAC Addresses : 1
Configured MAC Addresses : 1 Sticky MAC Addresses : 0
Last Source Address:Vlan : 0021.d831.1bda:1 Security Violation Count : 0

Coba rubah mac address pada R1 

R1
Router(config)#int F0/0
Router(config-if)#mac-address aaaa.bbbb.cccc 
Router(config-if)#exit

Cek disisi Switch 

SW-1
Switch#show port-security interface f1/0/1 
Port Security : Enabled
Port Status : Secure-shutdown 
Violation Mode : Shutdown
Aging Time : 0 mins 
Aging Type : Absolute Secure Static 
Address Aging : Disabled Maximum 
MAC Addresses : 1
Total MAC Addresses : 1 
Configured MAC Addresses : 1 
Sticky MAC Addresses : 0
Last Source Address:Vlan : aaaa.bbbb.cccc:1
Security Violation Count : 1

SW-1
Switch#show int f1/0/1 
FastEthernet1/0/1 is down, line protocol is down (err-disabled)


Komentar

Postingan populer dari blog ini

EIGRP WITH DISTRIBUTE LIST - EIGRP #1

WALLED GARDEN IP LIST - NETWORK MANAGEMENT MIKROTIK #11

PHASE 1 DYNAMIC MAPPING - DMVPN #1