Configure a Trunk Port and Port Security

Configure Port as Trunk Port
Note: A trunk port is used to connect one or more switches.
You need to configure a trunk port on each switch on your network.
Switch#conf t
Switch(config)#int range fa0/23-24
Switch(config-if-range)#no shutdown
Switch(config-if-range)#switchport trunk encapsulation dot1q
Switch(config-if-range)#switchport mode trunk
Configure Port Security
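Switch#conf t
Switch(config)#int range fa0/1-22
Switch(config-if-range)#switchport mode access
Switch(config-if-range)#switchport port-security
Switch(config-if-range)#switchport port-security mac-address sticky
Switch(config-if-range)#switchport port-security maximum 1
Switch(config-if-range)#switchport port-security violation shutdown
Note: Port security is the basic way of locking down the ports of a switch. The port cannot be left in dynamic mode, so it is set to access mode first, and the bare switchport port-security command is what turns the feature on; the remaining lines only set its options.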

switchport port-security mac-address sticky: The switch learns the MAC address of the connected device and accepts traffic only from that address.
switchport port-security maximum: Specifies the number of MAC addresses allowed on the switch port. If it is set to switchport port-security maximum 2, only 2 devices can connect to the port.
switchport port-security violation shutdown: If the security settings on a switch port are violated, the entire port is shut down and no traffic passes through it until you re-enable it.
switchport port-security violation protect: With switchport port-security maximum 2, traffic from a third MAC address is ignored.
switchport port-security violation restrict: With switchport port-security maximum 2, traffic from a third MAC address is ignored and logged in the system log. The switch also sends an SNMP trap. If you have network management software such as SolarWinds, you can configure it to watch for port security violation traps from your switches and sound an alarm or send you an email.
