Customized training course for the systems department of NNN (restricted)

                        5/1 to 27/1, 2010, Cisco local academy, Rosario

                        Instructor: Ernesto Vilarrasa

 

         Administration / Spanning tree / VLAN / Wireless LAN / Security

         Part 1 / Part 2 / Part 3

                   Implementing port security on the switch:

                  

                  

 

SW_2#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
SW_2(config)#int fa0/2                                            <-- enter the interface
SW_2(config-if)#switchport mode access
SW_2(config-if)#switchport port-security                          <-- enable port security
SW_2(config-if)#switchport port-security mac-address sticky       <-- treat the first MAC learned as secure
SW_2(config-if)#switchport port-security violation shutdown       <-- disable the port if another MAC connects
SW_2(config-if)#end
SW_2#
%SYS-5-CONFIG_I: Configured from console by console
SW_2#sh port-security                                             <-- verify
Secure Port  MaxSecureAddr  CurrentAddr  SecurityViolation  Security Action
                (Count)       (Count)         (Count)
---------------------------------------------------------------------------
      Fa0/2        1             0               0             Shutdown
---------------------------------------------------------------------------

SW_2#sh runn
Building configuration...

Current configuration : 1126 bytes
!
version 12.2
!
---abridged---
!
interface FastEthernet0/2
 switchport mode access
 switchport port-security
 switchport port-security mac-address sticky
 spanning-tree portfast
!

 

Once traffic has been generated (for example: ipconfig /release), the learned MAC address appears in the running configuration as a sticky entry:

!
interface FastEthernet0/2
 switchport mode access
 switchport port-security
 switchport port-security mac-address sticky
 switchport port-security mac-address sticky 0001.9795.6E70
 spanning-tree portfast
!

 

                       

When a different MAC address appears on the port, the violation action shuts it down and the violation counter increments:

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/2, changed state to up
%LINK-5-CHANGED: Interface FastEthernet0/2, changed state to administratively down

SW_2#sh port-security
Secure Port  MaxSecureAddr  CurrentAddr  SecurityViolation  Security Action
                (Count)       (Count)         (Count)
---------------------------------------------------------------------------
      Fa0/2        1             1               1             Shutdown
---------------------------------------------------------------------------
SW_2#

!

                       

To bring the port back up after the violation, shut the interface down and re-enable it:

SW_2#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
SW_2(config)#int fast 0/2
SW_2(config-if)#shut

%LINK-5-CHANGED: Interface FastEthernet0/2, changed state to administratively down
SW_2(config-if)#no shut

%LINK-5-CHANGED: Interface FastEthernet0/2, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/2, changed state to up
SW_2(config-if)#^Z
SW_2#
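
The two outputs used above for verification (sh port-security and the interface section of sh runn) can also be checked by a script. The Python code below is an added example, not part of the original course material: it flags ports with violations, access ports left without port security, and sticky ports that have not yet learned a MAC. The function names and the Fa0/3 interface are assumptions, and the sample input is constructed in the format shown on this page.

```python
import re
# Constructed sample input in the format shown above; Fa0/3 is invented for contrast.
SUMMARY = """\
Secure Port MaxSecureAddr CurrentAddr SecurityViolation Security Action
               (Count)       (Count)        (Count)
--------------------------------------------------------------------
        Fa0/2        1          1                 1         Shutdown
"""
CONFIG = """\
interface FastEthernet0/2
 switchport mode access
 switchport port-security
 switchport port-security mac-address sticky
 switchport port-security mac-address sticky 0001.9795.6E70
!
interface FastEthernet0/3
 switchport mode access
!
"""
ROW = re.compile(r"\s*(\S+/\d+)\s+(\d+)\s+(\d+)\s+(\d+)\s+(\S+)\s*$")
STICKY = "switchport port-security mac-address sticky"

def parse_summary(text):
    """Map port -> (max, current, violations, action) from 'sh port-security'."""
    rows = (ROW.match(line) for line in text.splitlines())
    return {m[1]: (int(m[2]), int(m[3]), int(m[4]), m[5]) for m in rows if m}

def parse_interfaces(config):
    """Map interface name -> its indented configuration lines."""
    blocks = re.findall(r"^interface (\S+)\n((?: .*\n?)*)", config, re.M)
    return {name: [l.strip() for l in body.splitlines()] for name, body in blocks}

def audit(summary, config):
    """Return (port, finding) pairs that deserve a follow-up."""
    findings = []
    for port, (_, _, violations, action) in parse_summary(summary).items():
        if violations:
            findings.append((port, f"{violations} violation(s), action {action}"))
    for name, lines in parse_interfaces(config).items():
        if "switchport mode access" not in lines:
            continue  # only access ports are checked
        if "switchport port-security" not in lines:
            findings.append((name, "access port without port security"))
        elif STICKY in lines and not any(l.startswith(STICKY + " ") for l in lines):
            findings.append((name, "sticky enabled, no MAC learned yet"))
    return findings

if __name__ == "__main__":
    print(*audit(SUMMARY, CONFIG), sep="\n")
```

The summary table uses short port names (Fa0/2) and the running configuration uses long ones (FastEthernet0/2); the findings report each name as it appears in its source.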