Use these configuration parameters:
• Enable port security on Fast Ethernet port 1
• Set the maximum number of secure addresses to 50
• Set violation mode to default
• No static secure MAC addresses needed
• Enable sticky learning
Switch# configure terminal
Switch(config)# interface fastethernet0/1 Switch(config-if)# switchport mode access Switch(config-if)# switchport port-security Switch(config-if)# switchport port-security maximum 50 Switch(config-if)# switchport port-security mac-address sticky Switch(config-if)# switchport port-security aging time 20 Switch(config-if)# end
MAC addresses are gathered dynamically with some switches supporting static entries and sticky entries. Static entries are manually entered for each port (for example, switchport port-security mac-address mac-address) and saved in the running configuration. Sticky entries are similar to static entries except that they are dynamically learned. Existing dynamic entries are converted to sticky entries when the switchport port-security mac-address sticky command is issued for a port. These former dynamic entries are entered into the running configuration using the command switchport port-security mac-address sticky mac-address. If the running configuration is then saved to the startup configuration, these MAC addresses do not need to be relearned on restart. Also, the maximum number of MAC addresses (for example, the command switchport port-security maximum value) for the port can be set.
This figure shows how to enable port security on Fast Ethernet port 0/1 and to set the maximum number of secure addresses to 50. The violation mode is the default, no static secure MAC addresses are configured, and sticky learning is enabled.
3-42 Securing Cisco Network Devices (SND) v2.0 © 2006 Cisco Systems, Inc.
Was this article helpful?
Read how to maintain and repair any desktop and laptop computer. This Ebook has articles with photos and videos that show detailed step by step pc repair and maintenance procedures. There are many links to online videos that explain how you can build, maintain, speed up, clean, and repair your computer yourself. Put the money that you were going to pay the PC Tech in your own pocket.