CCNA實驗1.port-security
一,安全
二,MAC地址綁定
3550-1#conf t
3550-1(config)#int f0/1
3550-1(config-if)#switchport mode access /指定端口模式。
3550-1(config-if)#switchport port-security mac-address 0090.F510.79C1 /配置MAC地址。
3550-1(config-if)#switchport port-security maximum 1 /限制此端口容許經過的MAC地址數爲1。
3550-1(config-if)#switchport port-security violation shutdown(protect(不轉發不報警)/restrict(不轉發報警)) /當發現與上述配置不符時,端口down或者拒絕收發。 less
三.MAC地址過濾
3550-1(config)#mac-address-table static 0090.F510.79C1 vlan 2 drop /在相應的Vlan丟棄流量。
3550-1(config)#mac-address-table static 0090.F510.79C1 vlan 2 int f0/1 /在相應的接口丟棄流量。學習
四.清除安全的MAC地址
Switch(config-if)#switchport port-security maximum 1 rest
Maximum is less than number of currently secured mac-addresses.//報錯 blog
能夠清除 接口
Switch#clear port-security ? get
all Clear all secure MAC addresses it
configured Clear all configured secure MAC addresses io
dynamic Clear all secure MAC address auto-learned by hardware table
sticky Clear all secure MAC address either auto-learned or configured
清除mac-address-table
clear mac-address-table dynamic
Switch#show mac-address-table
Mac Address Table
-------------------------------------------
Vlan Mac Address Type Ports
---- ----------- -------- -----
1 0001.42dd.8aee DYNAMIC Fa0/3
1 0050.0f99.ce16 DYNAMIC Fa0/2
1 0060.3e47.29da STATIC Fa0/1
五.查看安全保護的MAC地址
Switch#show port-security int f0/1
Port Security : Enabled
Port Status : Secure-up
Violation Mode : Protect
Aging Time : 0 mins (0表示禁止老化)
Aging Type : Absolute(absolute:從上一次學習到算起,inactivity:從上一次收到來自該mac地址的包算起)
SecureStatic Address Aging : Disabled
Maximum MAC Addresses : 1
Total MAC Addresses : 1
Configured MAC Addresses : 0
Sticky MAC Addresses : 1
Last Source Address:Vlan : 00D0.BAD0.4703:1
Security Violation Count : 0
Switch# show port-security address
Secure Mac Address Table
-------------------------------------------------------------------------------
Vlan Mac Address Type Ports Remaining Age
(mins)
---- ----------- ---- ----- -------------
1 0060.3E47.29DA SecureSticky FastEthernet0/1 -
------------------------------------------------------------------------------
Total Addresses in System (excluding one mac per port) : 0
Max Addresses limit in System (excluding one mac per port) : 102
- 1. ccna實驗-1
- 2. CCNA試驗1
- 3. CCNA EIGRP實驗
- 4. CCNA實驗2.VLAN
- 5. CCNA綜合實驗
- 6. CCNA實驗之四
- 7. CCNA VLAN Trunk 實驗
- 8. ccna實驗大全
- 9. CCNA day05 實驗一
- 10. 1-1 CCNA
- 更多相關文章...
- • XML 驗證 - XML 教程
- • DTD 驗證 - DTD 教程
- • ☆基於Java Instrument的Agent實現
- • Docker容器實戰(一) - 封神Server端技術
-
每一个你不满意的现在,都有一个你没有努力的曾经。
- 1. ccna實驗-1
- 2. CCNA試驗1
- 3. CCNA EIGRP實驗
- 4. CCNA實驗2.VLAN
- 5. CCNA綜合實驗
- 6. CCNA實驗之四
- 7. CCNA VLAN Trunk 實驗
- 8. ccna實驗大全
- 9. CCNA day05 實驗一
- 10. 1-1 CCNA