[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 369
  • Last Modified:

Cisco switchport port-security

For the catalyst switch, what do the following commands do?

int fa0/3

...

switchport port-security

switchport port-security violation restrict

...

spannig-tree bpduguard enable

spanning-tree portfast

Thanks
0
leblanc
Asked:
leblanc
  • 3
3 Solutions
 
Bryant SchaperCommented:
switchport port-security - mac security at the port, only mac listed have access
switchport port-security violation restrict - one of the violiation methods of port-security, restrict is an admin notification in the log
spannig-tree bpduguard enable - BPDU Guard is designed to protect your switching network. Remember that a Port-fast port is designed to be connected to a device where BPDU’s aren’t expected. This could be a end user device, server or access-point.  When an unexpected BPDU is detected (an end-user wants to plug in a switch in his cubicle) the port will shutdown and enter a err-disable state.
spanning-tree portfast - for access ports, Portfast minimizes the time it takes for the server or workstation to come online
0
 
leblancAccountingAuthor Commented:
If my fa0/3 is a trunk, do I need those commands there?
0
 
Bryant SchaperCommented:
I would not use any of those commands, actually they will cause more problems, loopbacks, and also the security could shutdown the port.  I would only use them on access ports.
0
 
Bryant SchaperCommented:
Spanning tree portfast would cause a loopback

bpduguard would shutdown the port if it senses another switch via bpdu packets
0

Featured Post

Managing Security & Risk at the Speed of Business

Gartner Research VP, Neil McDonald & AlgoSec CTO, Prof. Avishai Wool, discuss the business-driven approach to automated security policy management, its benefits and how to align security policy management with business processes to address today's security challenges.

  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now