首页 > 代码库 > 交换机端口安全之粘滞MAC地址续

交换机端口安全之粘滞MAC地址续

如果要在多个端口上同时进行配置,可以使用interface range fastEthernet 0/1-2命令


SW1(config)#interface range fastEthernet 0/1-2

SW1(config-if-range)#sh

SW1(config-if-range)#shutdown



SW1(config-if-range)#

%LINK-5-CHANGED: Interface FastEthernet0/1, changed state to administratively down


%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down


%LINK-5-CHANGED: Interface FastEthernet0/2, changed state to administratively down


%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/2, changed state to down


%LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to down


SW1(config-if-range)#sw

SW1(config-if-range)#switchport mo ac

SW1(config-if-range)#sw

SW1(config-if-range)#switchport po

SW1(config-if-range)#switchport port-security

SW1(config-if-range)#sw

SW1(config-if-range)#switchport po

SW1(config-if-range)#switchport port-security max

SW1(config-if-range)#switchport port-security maximum 1

SW1(config-if-range)#sw

SW1(config-if-range)#switchport po

SW1(config-if-range)#switchport port-security v

SW1(config-if-range)#switchport port-security violation sh

SW1(config-if-range)#switchport port-security violation shutdown

SW1(config-if-range)#sw

SW1(config-if-range)#switchport po

SW1(config-if-range)#switchport port-security ,ac

SW1(config-if-range)#switchport port-security mac

SW1(config-if-range)#switchport port-security ?

mac-address  Secure mac address

maximum      Max secure addresses

violation    Security violation mode

<cr>

SW1(config-if-range)#switchport port-security s

SW1(config-if-range)#switchport port-security mac

SW1(config-if-range)#switchport port-security mac-address ?

H.H.H   48 bit mac address

sticky  Configure dynamic secure addresses as sticky

SW1(config-if-range)#switchport port-security mac-address s

SW1(config-if-range)#switchport port-security mac-address sticky

SW1(config-if-range)#no sh

SW1(config-if-range)#no shutdown


SW1#show port-security

Secure Port MaxSecureAddr CurrentAddr SecurityViolation Security Action

(Count)       (Count)        (Count)

--------------------------------------------------------------------

Fa0/1        1          1                 0         Shutdown

Fa0/2        1          0                 0         Shutdown

----------------------------------------------------------------------

SW1#show mac-a

SW1#show mac-address-table

Mac Address Table

-------------------------------------------


Vlan    Mac Address       Type        Ports

----    -----------       --------    -----


1    0001.4383.a201    STATIC      Fa0/2

1    0030.a303.1701    STATIC      Fa0/1


本文出自 “一颗正在成长的小树” 博客,请务必保留此出处http://growing2015.blog.51cto.com/12006344/1917171

交换机端口安全之粘滞MAC地址续