CCNP Security - Interview Questions
Switchport Security Configuration
As with any feature configuration there are a number of different guidelines and requirements that need to be known before a configuration is implemented:
 
* Switchport security can only be configured on ports whose mode is statically set to access or trunk; dynamic switchport modes are not supported.

* Switchport security is not supported on Switch Port Analyzer (SPAN) destination ports.

* Switchport security is not supported along with Etherchannel (Fast or Gigabit).

* When configuring switchport security on a switchport that is configured with a voice VLAN, ensure that the maximum number of MAC addresses is raised to account for the voice and data devices connected.

* Switchport security aging is not supported together with the sticky secure MAC address type.
 
The configuration of switchport security is not overly complex; the following commands are used when initially configuring a switchport with security:

1. router#configure terminal
   Enters the device into global configuration mode.

2. router(config)#interface interface-id
   Enters the device into interface configuration mode.

3. router(config-if)#switchport mode {access | trunk}
   Statically configures the switchport into access or trunk mode.

4. router(config-if)#switchport port-security
   Enables switchport port security.

5. router(config-if)#switchport port-security maximum value [vlan {vlan-id | {access | voice}}]
   Configures the maximum number of MAC addresses that are permitted by switchport security; by default this is set to 1 MAC address.

6. router(config-if)#switchport port-security violation {protect | restrict | shutdown [vlan]}
   Configures the switchport security violation mode; by default this is set to shutdown.

7. router(config-if)#switchport port-security mac-address mac-address [vlan {vlan-id | {access | voice}}]
   Configures a static secure MAC address on a switchport.

8. router(config-if)#switchport port-security mac-address sticky
   Configures the use of sticky learning on a switchport.

9. router(config-if)#switchport port-security aging {static | time time | type {absolute | inactivity}}
   Configures switchport port-security aging: the aging time and/or the aging type. By default, switchport port-security aging is disabled.
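The guidelines and the command steps above can be checked against a running-config before a change window. The following Python audit is an added example, not code from the page or from Cisco: it parses a constructed running-config excerpt (the interface names and VLAN numbers are made up) and flags ports that enable port-security without a static access/trunk mode, with a voice VLAN but the default maximum of 1, or with aging combined with sticky MACs.

```python
import re

# Constructed sample running-config excerpt (not from the page); Gi1/0/3 is compliant.
SAMPLE_CONFIG = """\
interface GigabitEthernet1/0/1
 switchport voice vlan 100
 switchport port-security
interface GigabitEthernet1/0/2
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security mac-address sticky
 switchport port-security aging time 5
interface GigabitEthernet1/0/3
 switchport mode access
 switchport port-security
"""

def parse_interfaces(config):
    """Split an IOS running-config into {interface name: [its indented lines]}."""
    ifaces, current = {}, None
    for line in config.splitlines():
        if line.startswith("interface "):
            current = ifaces.setdefault(line.split(None, 1)[1], [])
        elif line.startswith(" ") and current is not None:
            current.append(line.strip())
        else:
            current = None  # left the interface stanza
    return ifaces

def audit_port_security(config):
    """Return {interface: [findings]} for every port that enables port-security."""
    findings = {}
    for name, lines in parse_interfaces(config).items():
        if "switchport port-security" not in lines:
            continue  # feature not enabled on this port
        text, issues = "\n".join(lines), []
        # No explicit mode means the platform default (dynamic), which running-config omits.
        if not re.search(r"^switchport mode (access|trunk)$", text, re.M):
            issues.append("requires static access or trunk mode")
        m = re.search(r"^switchport port-security maximum (\d+)$", text, re.M)
        maximum = int(m.group(1)) if m else 1  # default is one secure MAC
        if "switchport voice vlan" in text and maximum < 2:
            issues.append("voice VLAN but maximum secure MACs < 2")
        if "mac-address sticky" in text and "port-security aging" in text:
            issues.append("aging is not supported with sticky MACs")
        if issues:
            findings[name] = issues
    return findings
```

Only the port-level form of the maximum command is parsed; per-VLAN maximums (the `vlan` keyword in step 5) are ignored by this simplified check.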
