• CCNA实验1.port-security

    一,

    image

    二,MAC地址绑定

    3550-1#conf t
    3550-1(config)#int f0/1
    3550-1(config-if)#switchport mode access /指定端口模式。
    3550-1(config-if)#switchport port-security mac-address 0090.F510.79C1 /配置MAC地址。
    3550-1(config-if)#switchport port-security maximum 1 /限制此端口允许通过的MAC地址数为1。
    3550-1(config-if)#switchport port-security violation shutdown(protect(不转发不报警)/restrict(不转发报警)) /当发现与上述配置不符时,端口down或者拒绝收发。

    三.MAC地址过滤

    3550-1(config)#mac-address-table static 0090.F510.79C1 vlan 2 drop /在相应的Vlan丢弃流量。

    3550-1(config)#mac-address-table static 0090.F510.79C1 vlan 2 int f0/1 /在相应的接口丢弃流量。

    四.清除安全的MAC地址

    Switch(config-if)#switchport port-security maximum 1

    Maximum is less than number of currently secured mac-addresses.//报错

    可以清除

    Switch#clear port-security ?

    all Clear all secure MAC addresses

    configured Clear all configured secure MAC addresses

    dynamic Clear all secure MAC address auto-learned by hardware

    sticky Clear all secure MAC address either auto-learned or configured

    清除mac-address-table

    clear mac-address-table dynamic

    Switch#show mac-address-table

    Mac Address Table

    -------------------------------------------

    Vlan Mac Address Type Ports

    ---- ----------- -------- -----

    1 0001.42dd.8aee DYNAMIC Fa0/3

    1 0050.0f99.ce16 DYNAMIC Fa0/2

    1 0060.3e47.29da STATIC Fa0/1

    五.查看安全保护的MAC地址

    Switch#show port-security int f0/1

    Port Security : Enabled

    Port Status : Secure-up

    Violation Mode : Protect

    Aging Time : 0 mins  (0表示禁止老化)

    Aging Type : Absolute(absolute:从上一次学习到算起,inactivity:从上一次收到来自该mac地址的包算起)

    SecureStatic Address Aging : Disabled

    Maximum MAC Addresses : 1

    Total MAC Addresses : 1

    Configured MAC Addresses : 0

    Sticky MAC Addresses : 1

    Last Source Address:Vlan : 00D0.BAD0.4703:1

    Security Violation Count : 0

     

    Switch# show port-security address

    Secure Mac Address Table

    -------------------------------------------------------------------------------

    Vlan Mac Address Type Ports Remaining Age

    (mins)

    ---- ----------- ---- ----- -------------

    1 0060.3E47.29DA SecureSticky FastEthernet0/1 -

    ------------------------------------------------------------------------------

    Total Addresses in System (excluding one mac per port) : 0

    Max Addresses limit in System (excluding one mac per port) : 102
  • 相关阅读:
    Python环境搭建
    接口测试工具Jmeter
    接口测试工具postman
    fiddler -- 一个强大的抓包工具
    Pychram中使用reduce()函数报错:Unresolved reference 'reduce'
    Mac下用命令行获取苹果手机的UDID
    python 的 lambda使用笔记
    appium报错:An unknown server-side error occurred while processing the command. Original error: Could not proxy command to remote server. Original error: Error: read ECONNRESET
    Pycharm中使用from appium import webdriver时报错:ModuleNotFoundError: No module named 'appium'
    如何升级pip3
  • 原文地址:https://www.cnblogs.com/jjkv3/p/3788680.html
Copyright © 2020-2023  润新知