You can control to access your switch port. For example, you can control who can access a specific interface of a switch or how many devices could be connected to a specific switch interface. There is a feature called Switch Port Security that allow you to do so. In this exercise, we will explain how to configure switch port security.
Before configuring switch port security on a switch, let’s have a look at the commands used to configure it.
In the following figure, the first command shows the sub-commands that are used to configure switch port related options. The second command shows the sub-commands that are used to configure port security related options.
We will use the following topology to configure switch port security. Create the following topology in Cisco Packet Tracer.
1. First of all open the Command Prompt of PC1 and execute the ipconfig /all command and note down its MAC address.
2. Next, switch to the interface on which you want to implement port security. For example interface Fa0/ 1.
Switch( config)# interface fa0/ 1
3. Next, execute the following commands to enable the access mode and port security feature.
Switch1( config-if)# switchport mode access Switch1( config-if)# switchport port-security
4. Next, execute the following commands to bind the MAC address that you want to allow to access this interface and to set the maximum number of MAC addresses to this interface.
Switch1( config-if)# switchport port-security mac-address 00D0. BC9A. 42DC Switch1( config-if)# switchport port-security maximum 1
5. Next, execute the following commands to set the violation policy and exit from the interface configuration mode.
Switch1( config-if)# switchport port-security violation shutdown Switch1( config-if)# exit Switch1( config)# exit
6. The following figure shows the port-security configuration options.
7. Next, execute the following command to show the MAC addresses associated with the interfaces, as shown in the following figure.
Switch# show port-security address
8. The following figure port-security configuration example.
9. Next, execute the following command to show the port security settings of the interface Fa0/ 1, as shown in the following figure.
Switch# show port-security interface 0/ 1