Step 1: Connect PC1 to the switch
Step 2: Connect PC2 to the switch
Step 3: Configure PC3 but do not connect
Step 4: Perform an initial configuration on the switch
a. Configure the hostname of the switch as Switch1
b. Set the privileged EXEC mode password to cisco.
c. Set the privileged EXEC mode secret password to class.
d. Configure the console and virtual terminal lines to use a password and require it at login.
e. Exit from the console session and log in again.
Which password was required to enter privileged EXEC mode?
Why?
Step 5: Configure the switch management interface on VLAN 1
a. Enter the interface configuration mode for VLAN 1.
b. Set the IP address, subnet mask, and default gateway for the management interface.
Why does interface VLAN 1 require an IP address in this LAN?
What is the purpose of the default gateway?
Step 6: Verify the management LANs settings
a. Verify that the IP address of the management interface on the switch VLAN 1 and the IP address of PC1 and PC2 are on the same local network. Use the show running-config command to check the IP address configuration of the switch.
b. Verify the interface settings on VLAN 1.
What is the bandwidth on this interface?
What are the VLAN states?
VLAN 1 is __________ and line protocol is __________.
Step 7: Disable the switch from being an http server
Step 8: Verify connectivity
a. To verify that hosts and switch are correctly configured, ping the switch IP address from the hosts. Were the pings successful?
If the ping is not successful, verify the connections and configurations again. Check to ensure that all cables are correct and that connections are seated. Check the host and switch configurations.
b. Save the configuration.
Step 9: Record the host MAC addresses
Determine and record the Layer 2 addresses of the PC network interface cards. From the command prompt of each PC, enter ipconfig /all.
PC1 __________________________________________________
PC2 __________________________________________________
PC3 __________________________________________________
Step 10: Determine what MAC addresses the switch has learned
Determine what MAC addresses the switch has learned by using the show mac-address-tablecommand at the privileged EXEC mode prompt.
How many dynamic addresses are there?
How many total MAC addresses are there?
Do the MAC addresses match the host MAC addresses?
Step 11: View the show mac-address-table options
View the options that the show mac-address-table command has available.
Switch1(config)#show mac-address-table ?
What options are available?
Step 12: Set up a static MAC address
Step 13: Verify the results
a. Verify the MAC address table entries.
Switch1#show mac-address-table
How many dynamic MAC addresses are there now?
How many static MAC addresses are there now?
b. Remove the static entry from the MAC Address Table.
Step 14: List port security options
a. Determine the options for setting port security on interface FastEthernet 0/4.
What are some available options?
b. To allow the switch port FastEthernet 0/4 to accept only one device, configure port security.
c. Exit configuration mode and check the port security settings.
If a host other than PC2 attempts to connect to Fa0/4, what will happen?
Step 15: Limit the number of hosts per port
a. On interface FastEthernet 0/4, set the port security maximum MAC count to 1.
b. Disconnect the PC attached to FastEthernet 0/4. Connect PC3 to FastEthernet 0/4. PC3 has been given the IP address of 192.168.1.5 and has not yet been attached to the switch. It may be necessary to ping the switch address 192.168.1.2 to generate some traffic. Record any observations. _____________________________________
Step 16: Configure the port to shut down if there is a security violation
a. In the event of a security violation, the interface should be shut down. To make the port security shut down, enter the following command: Switch1(config-if)#switchport port-security violation shutdown
What other action options are available with port security?
b. If necessary, ping the switch address 192.168.1.2 from the PC3 192.168.1.5. This PC is now connected to interface FastEthernet 0/4. This ensures that there is traffic from the PC to the switch.
c. Record any observations. _____________________________________________________________________________
d. Check the port security settings
Step 17: Show port 0/4 configuration information
FastEthernet0/4 is __________ and line protocol is __________.
Step 18: Reactivate the port
Step 19: Disable unused ports
Step 20: Reflection
a. Why would port security be enabled on a switch?
b. Why should unused ports on a switch be disabled?
Tidak ada komentar:
Posting Komentar