Solved

Cisco switchport port-security

Posted on 2014-09-09
4
324 Views
Last Modified: 2014-09-11
For the catalyst switch, what do the following commands do?

int fa0/3

...

switchport port-security

switchport port-security violation restrict

...

spannig-tree bpduguard enable

spanning-tree portfast

Thanks
0
Comment
Question by:leblanc
  • 3
4 Comments
 
LVL 11

Accepted Solution

by:
Bryant Schaper earned 500 total points
ID: 40312586
switchport port-security - mac security at the port, only mac listed have access
switchport port-security violation restrict - one of the violiation methods of port-security, restrict is an admin notification in the log
spannig-tree bpduguard enable - BPDU Guard is designed to protect your switching network. Remember that a Port-fast port is designed to be connected to a device where BPDU’s aren’t expected. This could be a end user device, server or access-point.  When an unexpected BPDU is detected (an end-user wants to plug in a switch in his cubicle) the port will shutdown and enter a err-disable state.
spanning-tree portfast - for access ports, Portfast minimizes the time it takes for the server or workstation to come online
0
 
LVL 1

Author Comment

by:leblanc
ID: 40312594
If my fa0/3 is a trunk, do I need those commands there?
0
 
LVL 11

Assisted Solution

by:Bryant Schaper
Bryant Schaper earned 500 total points
ID: 40312607
I would not use any of those commands, actually they will cause more problems, loopbacks, and also the security could shutdown the port.  I would only use them on access ports.
0
 
LVL 11

Assisted Solution

by:Bryant Schaper
Bryant Schaper earned 500 total points
ID: 40312609
Spanning tree portfast would cause a loopback

bpduguard would shutdown the port if it senses another switch via bpdu packets
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Suggested Solutions

It’s 2016. Password authentication should be dead — or at least close to dying. But, unfortunately, it has not traversed Quagga stage yet. Using password authentication is like laundering hotel guest linens with a washboard — it’s Passé.
Cybersecurity has become the buzzword of recent years and years to come. The inventions of cloud infrastructure and the Internet of Things has made us question our online safety. Let us explore how cloud- enabled cybersecurity can help us with our b…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now