We're Sorry, Full Content Access is for Members Only...

If you like to keep on reading, Become a Member Now! Here is Why:

  • Learn any CCNA, CCNP and CCIE R&S Topic. Explained As Simple As Possible.
  • Try for Just $1. The Best Dollar You've Ever Spent on Your Cisco Career!
  • Full Access to our 637 Lessons. More Lessons Added Every Week!
  • Content created by Rene Molenaar (CCIE #41726)

 

364 New Members signed up the last 30 days!

satisfaction-guaranteed

100% Satisfaction Guaranteed!
You may cancel your monthly membership at any time.
No Questions Asked!

Tags:


Forum Replies

  1. Hi Rene, I have a strange problem related to your post. We have a unmananged switch connected to a managed switch port. That port is configured as follows:

     description Conference Room
     switchport access vlan 43
     switchport mode access
     switchport port-security maximum 16
     switchport port-security
     authentication host-mode multi-host
     authentication port-control auto
     dot1x pae authenticator
     dot1x timeout quiet-period 20
     dot1x timeout tx-period 10
     spanning-tree bpduguard enable
    

    If a user connects to this switch and then unplugs (not Logoff), goes to their d

    ... Continue reading in our forum

  2. Hi Rene,

    This sound silly but i want know how you can ping from the IOS command line with a packet tracer instead of the command prompt?.
    Thanks,
    Peter

  3. Hello Hussein.

    In order to clearly answer this question, we have to define two different functionalities of the switch: port security and the MAC address table.

    Port security has been explained well in this lesson, so I’ll just mention that port security allows only devices with specific MAC addresses to connect and function on a specific interface.

    The MAC address table is a table that records MAC addresses and the corresponding interface on which they can be found. This table exists to give a switch it’s most basic function which also distinguishes it from a

    ... Continue reading in our forum

  4. Hello Hussein.

    That’s a very good point, and yes, it requires clarification.

    In order for port security to function, the “allowed” MAC addresses are configured for each port. These are the secure addresses. Now there are several ways a switch can learn these addresses: Statically or dynamically.

    The statically configured MAC addresses for port security DO NOT age out. They are permanent. These are the addresses that are configured using the command:

    switchport port-security mac-address 1000.2000.3000

    The switchport port-security aging time command only aff

    ... Continue reading in our forum

43 more replies! Ask a question or join the discussion by visiting our Community Forum