Time
13 hours 57 minutes
Difficulty
Beginner
CEU/CPE
14

Video Transcription

00:00
Hello and welcome back to I see anyone interconnecting Cisco networking devices are one. This is episode 334 Troubleshooting poor security
00:09
in Trenton. Hero and I will be restructured for this course.
00:12
US video went over kind of how this switch determines where to send frames and how it actually does send frames of this video. We look at control shooting a poorly configured switch with port security enabled and look at those violation molds once again.
00:27
So learning objectives were gonna learn these show commands to troubleshoot support security.
00:31
A quick pre assessment question. Get your brain thinking which violation mode will not shut down the porter logging messages but will discard a funding traffic.
00:44
All right, it is the protect mode. I've gone ahead and configured FAA 06 already with protecting and I have shut down set on F A 02 and we'll go through what each of those look like again.
00:56
So Charles shouldn't port security here. If you guys can show running configures a phenomenal resource, you can look att tthe e port security mode. Show port security is going to show you the few port security settings and I'll show you the
01:11
port said it's enabled on along with their violation modes show interfaces F A zero to will show if it's, um, every disabled or not. Remember the show I p interface brief will not show our disable those or say it's down
01:23
the show Port security interface FAA Zahra to is going to show, you know, the last Mac, it's actually gonna show the violation. Mom is going to show your counters if you have counter, if you have enabled gonna show your port status. You know, secure ops here, here, down.
01:38
So remember, restrict will send log messages as an MP messages and create increment that violation counter, whereas protect is not going to do that.
01:48
Both modes air. Still gonna ford the good traffic and discard the bad traffic. Where I shut down is gonna kill that port and put it into air disabled mode.
01:57
He's gonna bring up the party session here
02:00
and
02:02
library,
02:06
and, uh
02:07
so I'm gonna show you the show run commands a quick half a zero to.
02:12
So we still have our description on their Kelly where you are, mode enabled, and I have a Mac address sticking on there
02:19
just because I love sticky, and it's so much easier and typing it up.
02:23
So remember where this is under the shutdown mode, because that is the default mode for port security. As if if we go to weaken just to get the Pharaoh, go to six.
02:35
You see the violation motors under protect
02:38
both Somerset. Both enabled.
02:42
Now, if we do, I'll show you show ports security.
02:46
We're gonna see 02 is under shut down 06 under protect.
02:52
And both, um, have zero violations.
02:55
Remember, the protect is not gonna show violation counts.
03:00
It's gonna make it a lot more difficult to troubleshoot.
03:05
So let's run a
03:07
show. Interfaces FAA 02
03:13
status.
03:15
So we're connected. It's working.
03:17
We have not pop for security yet.
03:20
And lastly, we'll do a show port security interface at 02
03:27
We are secure up for violation of is shut down.
03:30
We have one total Mac address for maximum with one on there. We have zero security violation. What I'm doing to go ahead and pop on and our device on the FAA zero to and we'll watch this
03:44
air disable.
03:51
All right. So hopefully should be. Let's see, we got up and we'll give it a second. It should go to Port Security or disable soon.
04:02
Alright, there we go.
04:04
So now we air disabled. So let's go back through. See what changed? So we would show it Run interface FAA 02
04:13
So that still shows the same thing. That hasn't changed at all. So if we do a show Port Security,
04:19
the only thing that really changed is we haven't we have a violation count? It doesn't say the status of the port, but we do have a violation count. Now
04:29
let's run a show interfaces F A's or two status.
04:33
Boom. Here we go. They're disabled.
04:36
So we have something now. We have no something to chase,
04:40
So show ports security interface. FAA 02
04:45
Here we go.
04:46
We are
04:47
secure shutdown,
04:50
and we have one violation counts.
04:55
I'm gonna go ahead and just shut the interface down.
05:00
Two.
05:01
Shoot. I'm gonna go ahead and remove that
05:04
offending device from
05:08
best Ethan. That too. And go ahead and plug it into fast. He's in at six, and we'll see what the difference looks like. They're
05:21
all right. So we're back.
05:25
So I'm gonna run a no Shut up on that phaser. What's useful? Get that one back up,
05:30
all right.
05:30
And let's see if anything changed for F A 06 where this one is under the restrict or protect mode. Excusing,
05:38
she'll run F A 06
05:43
and nothing changed. Let's do a show. Port Security.
05:47
Remember, we're not going to see a violation count on this one.
05:53
We'll see if we have anything under show interface, a vase or two. Status
05:59
still says connected. Show
06:01
port Security interface. FAA 02
06:06
Okay, and where you are? Still secure up in violation count zero.
06:13
But there is a defending her elf offending device. Flooded, eh? Phase or six. This is why this one's particular player difficult to troubleshoot.
06:20
So let's try the show run interface F A 06 while we have this one up here.
06:28
So here is the way you can tell. Look at the two Mac addresses.
06:32
Your last source. Mac was here, whereas this is the one that's actually enables for the poor.
06:39
That's how you're going to tell in this one.
06:42
It's a lot more difficult, whereas if we were to go into
06:46
here a phaser six, how much we're going to shut it down.
06:48
Bridget Swissport Port Security violation to restrict.
06:56
And we'll do a no shuts. Wash how fast it goes up and down.
07:04
No, that one won't go down. Remember?
07:09
But we do have violation counters.
07:11
I'm actually gonna stop the pink so these aren't going off like crazy.
07:16
Clear why? That's just gonna keep sending violations. So we'd run a show. Ron Interface, FAA 06
07:24
Nothing changed.
07:25
Show port security.
07:28
Okay,
07:29
now we're getting violation counters
07:30
and show her face phase or two status.
07:36
We're still connected. So remember, it's not gonna It's only discarding that offending traffic. It's still gonna love that good traffic all through. So I could plug in Mylar device and pink right through without an issue that wouldn't have to shut. No. Shut the port.
07:49
And if we do a show port security interface. FAA 06
07:57
Here we go.
07:59
28 counts
08:01
and we'll see what Mac addresses show run interface. If a 06
08:05
we had different Mac addresses as well.
08:09
So it's another way to check.
08:13
All right, we're gonna go ahead and move on to the post assessment here.
08:18
What is the violation mode if he status of the port has error disabled. Hopefully, you get this one by now.
08:28
Yes, it is the shutdown mode
08:35
in the next episode in the last episode for this module. Actually, we're gonna go ahead and look a troubleshooting dealings and villain trunks.
08:43
As always, If you have any questions, need any help? Feel free to shoot a message. Otherwise, thank you for washing this lesson. And I look forward to seeing the next one.

Up Next

CCNA ICND1

This course will enable students to understand virtualization and cloud services, and network programmability related to LAN, access and core segments.

Instructed By

Instructor Profile Image
Trenton Darrow
Network Engineer at NCI Information Systems, Inc
Instructor