Packet tracer configuring switch port security instructor version objective part 1. Port security is easy to configured and it allows you to secure access to a port based upon a mac address basis. The first way being that you configure a static mac address when configuring portsecurity on a specific interface. Switch port security configuration on cisco packet tracer in this article, we will focus on detailed port security configuration. We often send and receive emails on our mobile devices or computers. You can analyze network traffic passing through ports or vlans by using span or rspan to send a copy of the traffic to another port on the switch or on another switch that has been connected to a network analyzer or other monitoring or security device. Ccna routing and switching routing and switching essentials 6. Configuring the switch console network port configuring switches in this part of the exercise each student will now use, and configure, his or her own switch.
Mar 29, 2020 these sections describe how to configure port security using the packet tracer configuring switch port security lab. After reminding him of the security policy that does not allow personal. Jun 11, 2017 this video shows the packet tracer activity configuring switch port security. Jan 08, 2010 configuring the router in packet tracer a router that is turned off doesnt work very well. Configuring sticky switchport security free ccna workbook. To enable portsecurity youll execute the switchport portsecurity command as previously learned in lab 419. An email server, such as gmail stores and sends email messages to email clients on request.
Packet tracer is a network simulator used for configuring and creating the virtual cisco devices and network. In this topology we will make examples for the configuration cases on port security. Switch port security configuration on cisco packet tracer. Mar 20, 2020 switches can be subject to mac address table overflow attacks, mac spoofing attacks, and unauthorized connections to switch ports. These sections describe how to configure port security using the packet tracer configuring switch port security lab.
How to configure portsecurity on cisco switch by default there is no limit to the number of mac addresses a switch can learn on an interface and all mac addresses are allowed. Port security does not support switch port analyzer. Ccna ccnp lab packet tracers and pdf notes technology. Switch configuration by the end of this session, you will be able to. Router switch configuration using packet tracer gns3. The employee who normally uses pc1 brought his laptop from home, disconnected pc1 and connected the laptop to the telecommunication outlet. Packet tracer configuring switch port securitytopologyaddressing table deviceinterfaceip addresssubnet masks1vlan.
How to configure port security on cisco switch by default there is no limit to the number of mac addresses a switch can learn on an interface and all mac addresses are allowed. Packet tracer configuring switch port securitytopologyaddressing tabledeviceinterfaceip addresssubnet masks1vlan. This means that the switch can play an important role in network security since its the entrypoint of the network. Port security allows you to restrict a port s ingress traffic by limiting the mac addresses that are allowed to send traffic to the port. Basic switching concepts and configuration 25 address 172.
When we want to take total control of our switch port that who can access the port and who will not, then we. One of the best practices in network security is to try and stop security threats from the entrypoint of a lan network. Cisco switch troubleshooting basics and steps list learn how to find and fix issues in an it infrastructure of several cisco switches. Cisco switch port security configuration and best practices. Port security can also configured locally and has no mechanism for controlling port security in a centralized fashion for distributed switches. Red font color or gray highlights indicate text that appears in the answer copy only. Port security allows you to restrict a ports ingress traffic by limiting the mac addresses that are allowed to send traffic to the port. Click on your router to bring up the configuration menu and verify that it is turned on.
In this topology, 2 cisco catalyst 295024 switches and 6 pcs are used. Port security configuration on cisco switch using packet. If we want we can change this behavior with port security. To ensure that an attached device has the full bandwidth of the port, set the maximum number of addresses to one and configure the mac address of the attached device. In this activity, you will configure and verify port security on a switch. Packet tracer cisco commands list cli basic networking. Basic switch configuration and port security danscourses. To explain switchport port security modes and commands, i will use packet tracer network simulator software. This lab will test your ability to configure basic settings such as hostname, motd banner, encrypted passwords, and terminal options on a cisco catalyst 2960 switch simulated in packet tracer 7. In this article, we will focus on detailed port security configuration. Here is the detailed cisco router configuration commands list, which can be implemented with packet tracer.
Port security does not support etherchannel portchannel interfaces. After reminding him of the security policy that does not allow personal devices on the network, you now must reconnect pc1 and reenable the. When you are working as a network engineer or network administrator the main problem you facing is the security of switch. You can configure all secure mac addresses by using the switchport. Packet tracer troubleshooting switch port security.
Port security allows you to restrict a ports ingress traffic by limiting the mac addresses that. Packet tracer configuring switch port security topology addressing table device interface ip address subnet mask. In both cases, configuration is simple as long as you have a basic knowledge of ip addressing. Packet tracer configuring switch port security topology addressing. You will configure port security to limit the number of mac addresses that can be learned on a switch port and disable the port if that number is exceeded. Verify port security background in this activity, you will configure and verify port security on a switch. We can protect switch by enabling password and console password protection but the main problem come when we think about cisco switches ports which are open for all. This tutorial will guide you on how to configure a dhcp server both on a router and on a generic server in cisco packet tracer. When on, there will be a small green light below the switch as seen in the diagram. Learn how to secure a switch port with switchport security feature step by step.
If we want we can change this behavior with portsecurity. This video shows the packet tracer activity configuring switch port security. Pdf packet tracer configuring switch port security. Configuring an email server in packet tracer computer. Packet tracer troubleshooting switch port security scenario. Configuring switch security features config router. Now stop the packet capture and answer the following questions.
Make sure you have a printed version of the instructions. Port security is essentially a layer 2 security mechanism that can limit the number of mac addresses that can be learned on a single switch port or perhaps be used as a security barrier to prevent anyone from unplugging a network device and plugging in a new device without authorization. Lets now see the basic portsecurity configuration on cisco switches. Jul 05, 2018 configuring dhcp service on a generic server in packet tracer. Port security is normally configured on ports that connect servers or fixed devices. Router switch configuration using packet tracer gns3 static dynamic protocols routing nat access list cisco golbal. Configure a router with packet tracer learn networking.
Unfortunately for me, port security static macs are an organizational network requirement and i have a support group requesting to be able to unplug an existing workstation and connect a specific laptop from the same subnet to that switch port and be able to repeat this step for multiple ports on the same switch. Cisco switch troubleshooting basics and steps list. To do this, click on the server, then click on services tab. Switch or layer 2 switch is often used interchangeably with bridge. Configure basic switch security configure aaa local authentication. In this tutorial, well do a simple configuration of an email server in packet tracer. Jan 16, 2020 packet tracer cisco cli commands list. How to use cdp and lldp to discover the network topology troubleshooting interface errors, speed, and duplex mismatch configure and troubleshoot port security. Then, you will implement intervlan routing and nat on a router. Port security does not support switch port analyzer span destination ports. Switch security overview in the video tutorials below, i show how to use packet tracer to build a small lan with a cisco 2960 switch, three pc clients, and two pc servers, one of the servers is placed on a separate vlan for management purposes. Bridges can analyze incoming data packets to determine if the bridge is able to send the given packet to another segment of the network. Its called port security and you can use it to limit the number of mac addresses per interface or even to specify which mac address can connect to each physical port of the switch.
Configuring dynamic switchport security free ccna workbook. Switches can be subject to mac address table overflow attacks, mac spoofing attacks, and unauthorized connections to switch ports. How to configure switch port security on cisco switches. Enable portsecurity on sw1s fa01 interface and configure the interface to sticky the mac address learned. The svi for vlan 99 will not appear as upup until vlan 99 is created and there is a device connected to a switch port associated with vlan 99. This activity is from ccna routing and switching module2 1. The continue reading basic switch configuration and port security. Configuring the router in packet tracer a router that is turned off doesnt work very well. Catalyst 4500 series switch cisco ios software configuration guide. During implementation, you will configure vlans, trunking, port security and ssh remote access on a switch.
701 1369 652 250 111 492 178 799 1264 1086 1343 358 756 1417 695 707 1426 1319 1336 1615 1010 578 1226 938 748 964 1560 271 326 468 159 1683 609 444 172 577 1424 859 621 1016 1033 1472 807 1429 1385 358 1438 1104 756 1086