Lab4 :Port security

1 of 2

http://www.packettracernetwork.com/packettracer53labs/port-security.html

A growing challenge for network administrators is to be able to control who is allowed - and who isn't - to access the organization's internal network. This access control is mandatory for
critical infrastructure protection in your network. It is not on public parts of the network where guest users should be able to connect.
Port security is a Cisco feature implemented in Catalyst switches which will help network engineers in implementing network security on network boundaries. In its most basic form, the
Port Security feature writes the MAC address of the device connected to the switch edge port and allows only that MAC address to be active on that port. If any other MAC address is
detected on that port, port security feature shutdown the switch port. The switch can be configured to send a SNMP trap to a network monitoring solution to alert that the port is disabled
for security reasons.

This lab will test your ability to configure port security on Cisco

TM

2960 switch interfaces.

1. Configure port security on interface Fa 0/1 of the switch with the following settings :
- Port security enabled
- Mode : restrict
- Allowed mac addresses : 3
- Dynamic mac address learning.

2. Configure port security on interface Fa 0/2 of the switch with the following settings :
- Port security enabled
- Mode : shutdown
- Allowed mac addresses : 3
- Dynamic mac address learning.

3. Configure port security on interface Fa 0/3 of the switch with the following settings :
- Port security enabled
- Mode : protect
- Static mac address entry : 00E0.A3CE.3236

4. From LAPTOP 1 :
Try to ping 192.168.1.2 and 192.168.1.3. It should work.
Try to ping 192.168.1.4 and 192.168.1.5. It should work.

5. Connect ROGUE laptop to the hub.

Try to ping 192.168.1.1. It should work.
Try to ping 192.168.1.4. It should fail.

06-Oct-14 11:34 PM

Lab4 :Port security

2 of 2

http://www.packettracernetwork.com/packettracer53labs/port-security.html

Coming soon

Trademark notice: This web site and/or material is not affiliated with, endorsed by, or sponsored by Cisco Systems, Inc. Cisco

TM

, Cisco Systems

TM

, Cisco IOS

TM

TM
TM
TM
TM
, CCNA
, CCNP
, Networking Academy
, Linksys
are

registered trademark s of Cisco Systems, Inc. or its affiliates in the U.S. or certain other countries.

Free Download Books Pdf

readingfanatic.com
Choose From 1 Million Free Titles Download Now for Free eBooks!

Cisco 2960 in Nigeria

ng.chertcomputers.com
Cisco Catalyst 2960 Series switch From N80k 24hr or 2-3 days delivery

06-Oct-14 11:34 PM