Hello and welcome back to I, C and D one interconnecting Cisco Networking devices. Part one,
this is episode 234 Trend Darrow. Very structure for this course.
Unless video one over configuring speed and duplex options, I'm switching our faces along with the other negotiation. This episode will be covered in port security, the different options with it and the security moves
and the learning objectives burn over the violation modes. We're gonna show you how to configure it, and then we're gonna verify it.
And a quick pre assessment. Hopefully remember this from the lesson introduction. Which port security violation mode will shut down the port into an air disabled states
also, remember, I'll give you a few seconds.
All right? It is the shutdown violation mode
and quick lab notes. Rumor I swept up Mike Ality or my voodoo server with the Cali Lennox of'em.
I'm actually just removed the windows Hot 10 host in the Browder for the SoHo Broader from this because it's kind of relevant. So then I still laptop there with the veal and one set, so make sure that all these I pee their set
and we'll go in. I'm just going to verify We have that. We can ping everything quick.
Someone's gonna bring up putty.
All right, let's do a king to 10. 12 50
were success, and we got 51
and we're success.
Now you probably want to verify on both ends as well. You want to
start from the laptop to the
to switch and then paying to the V M and back and forth started closest, then go farthest. Just minimize issues,
you know, jump right into port security. So what, it does it secure that switch interface based on the Mac address it receives on that port? Right?
So there's a couple of deacon statically configure or dynamically, or you sticky
configure the Mac address in the running config and the Do this under the interface configuration mode,
Um, we will go into an imminent the default violation mode, for this is going to be shut down. It's three different kinds. There's protect restrict a shutdown.
So the difference is is
all of them are going to discard offending traffic. If
port security has triggered,
um, restrict and shut down is going to log it and send it S and M p message, if that's set up, restricted shutdown are both going to increments. That violation counter,
but shut down is the only one is actually going to disable that port.
So we're going to a lab and show you what this actually means here in a minute.
All right, so here's the commands that you kind of wanna gotta have to No, um, I realized this a lot. We will go through all the use together here in the lab
if you want to just get these written down or quick, and we'll go through them all. So don't worry.
I'm gonna go ahead and bring up
party real quick,
and I'll just do a show Mac address table.
Actually, it's just do dynamic so we can avoid all that.
So you have.
All right. So I'm not sure why this one showed up, because these two are going to be both my
actual ones. Ministers of the M thing.
I don't know. I'm not gonna play that anyway, so we have just three right now, So why would we use
poor security? Um,
one thing that can happen is this. What's called camp table over, Folks. Remember the Mac address table stored in camp table.
So we go where I can't table overflow here, so I'm gonna show you the what it does is eventually the Mech address table completely fills up and
switch. Just kind of throws his arms up and says I'm done
and everything. All the
frames just get sent out. A report just just gets flooded everywhere.
So, one this is gonna this could be accused for a dedicated denial of service or just denial of service attack.
Um, it can also be used for sniffing. Right. So people that are sniffing packets on the network trying to get credentials or
trying to get credit card something like that that could be used for that Mean while everyone else is just gonna sit here and think, Why is the network running slow?
Um, meanwhile, he's captured all the packets that you're sending.
So I'm gonna go ahead and just bring up my Callie the Amro, quick, and I'll just show you the commander. Run.
Please do not run this unless it's in your own lab network. This is unless you have authorisation by the company.
So do you want a side of Keats Zero
and We'll just send 100 at a time with the Senate 1000 real quick.
All right, so now don't ring up party again
and we'll do a North Show that could dress table.
Yeah, and this is gonna go on for a while. So we can do is show Mack dressed table count.
So now it's so caught 433 of them.
So I'm gonna bring up Kelly again.
It will just go into that, because
that's its not gonna reach that.
So we'll just let that run. I'm gonna bring up, buddy,
and we'll just go through and we're pretty way up, man. We're full up
area. They're full up. 48 sport reserved. Um,
so at this point, anything would be sent out everything. And it's just being broadcasted. Basically,
I'm gonna go ahead and stop it real quick. Just control. See,
because I don't wantto kill my connection away.
We're gonna do is just clear. Mac address table.
I name it.
Anyway, that's that's how easy it is. Um, if you don't have port security enabled, there's still weighs on port security, if you know,
very useful and easy to configure thing.
So go and jump into it here.
Figured t going to interface first. Even zero
six for the
gateway. Want to laptop?
And we'll do switch ports, ports, security.
Just enter first.
Oh, sir, Sports mode.
So you have to. So if we're going to hear, you have to set your switch Port
as either trunk or access it can't be said is dynamic has to be one of the two. Access or trunk.
it's gonna be important. Switch port Port security. This will actually enable port security.
And let's go switch port. Port security will go to maximum of one Mac address.
All right, all right. So much. You're gonna set this one to the violation mode.
Restrict. So it's not gonna actually shut down that interface. It's just gonna keep walking
violation counters and, you know,
blogging actual ares.
So I will do They do show, run face. That makes six.
All right, So you have to shut the address down where have the device on plug before you can enter that port Security Mac address.
So I'm gonna do a no. Shuts was enable its Onda show port security interface phase. They're six, and we'll see the last source we are and restrict our secure up
violation Counter zero. Somebody go out and plug in my surface, leapt up, and we'll see that violation counter Go up.
All right. So I just went ahead and sent a constant ping through this one.
All right, so now we're seeing in port security violations
messages here. Like I said, there is a message. And if we go and we should see the violation counter it happening because I have a constant ping going through right now. It's just spamming it. So it'll just keep seeing it go up someone go ahead and cancel it out right now. And I'm gonna plug in the old device.
All right, so now we're back here on DU Port Security.
All right, so now we are so last sources on the old one.
So I'm gonna send out a ping through the booty laptop that is now plug back in.
All right, so now that the gateway or the you boon to laptop's plugged back in it can paying. It works. Fine. My pings on my surface, lad. Top that.
You know, I was setting the violation counts up that one couldn't ping because it was discarding that offending traffic. Right.
So let me show you the difference with this and the shutdown mode. So the interface FAA 06
Sore sport court security violation. Shut down.
So now let's do a show. Port security interface F A 06
So now we are unable Risk Europe. Shut down! We have one configured Mac address.
I'm gonna go ahead and plug in there. I'm gonna make sure that we can ping on the gateway real quick.
All right, so the gateway still pinging. I'm gonna go ahead and unplug the gateway. Heard the boon to leapt up and plug in the surface. Lad. Top row quick.
All right. So should see the port security violation coming in soon.
Alright, here we go.
As we're waiting for port security violation were Aargh disabled state.
You're on this. We're in secure Shut down.
And if you look into the show I clean interface brief,
you will see it is down as well. If you run a show and status,
you will see the error disabled state
to know these different show commands. They're gonna help you out in the exam a lot. It's gonna be a huge thing is knowing what show commands to use. So remember him.
So now you've seen what you know, where strict does when it discards a traffic. So the only thing with restrict and protect is remember that
protects, will, you won't see the log messages. You won't see the violation counter
essentially the port you just can't use on the offending device.
Um, the restrict will actually log that message and set the violation counter and let you know that there's something happening but assumed you plug in the original device, it starts working again.
But now that we're in an air disabled state from the defending device and the state
from the shutdown mode, I'm gonna go ahead and plug in my gateway or the Abou to laptop again, and we'll see what happens.
All right, so I'm getting a network unreachable. Um,
um, my gateway to Europe into that tub right now,
So if we do this again, we're still air disabled. So why isn't working?
So when it gets into the air to see, it will stay. And you're confident that you have the correct device plugged on, Just going to interface FAA 06
So we're going to interface configuration will shut it down and put it into administratively. Shut down mode.
I think you'll see Here
it is disabled. Now it's administratively. Shut down.
So, like we see interface, run this one,
uh, to show your face of phase or a six.
This one gives a lot more information. Right? So you can see that is actually administrative it shut down.
How to do plaques on the speed
play around all these different show commands that just learned him. See what you can learn from See what gives you what information What once you know,
shows you what?
So now that we're into an administrative shut down, the little is doing no shuts to bring the port back up.
I'm gonna start the ping on the late Gateway
Show I P interface brief.
All right, so now we're up. Up.
We're on a show port security interface of phaser six. Again.
We'll see. Secure up.
Right. And the pink commands air going through on the gateway laptop now.
All right, I apologize. Videos probably getting snipped in here. And they're, um
But one thing I realized I forgot to do was show you guys the Mac address sticky
and the Mac address and learning. So we did. We did a static Mac address. So I'm gonna go ahead and do the Mac address Sticky. So the switch ports,
Port security, Mac address
So this is nice, because, um,
let's say you're rewiring an entire closet. You can just set them all the sticky. And let's say you, you know, for a fact that every device that's gonna be plugged in is your device and that a malicious device
instead of having to type in every single Mac address, which will just be tiresome,
we can use sticky, and it'll automatically pull it in. So if we do a show Ron interface, FAA.
All right. I'm gonna go ahead and send some pink commands from the a boon to laptop pulled it in its ah, much more convenient.
All right, so I'm gonna go ahead and get the party session out here.
All right? Finally answer the post assessments. What must you designate to switch port? As which the two following to configure port security.
So remember, you must you have to designate it as to one of two things in order. Configure port security for the interface. So give me a few seconds toe. Figure it out.
All right. Remember, it is your trunk port or access ports. You can't have it set on
the auto mode.
Right in the next module. We're gonna go over Eastern that lands the design of the lions and troubleshooting. I couldn't find any good broadcast and collision domain pictures that looked interesting.
So I just tried to find a mean. Hopefully, you guys enjoyed it.
And as always, if you guys have questions, you need some help. Feel free to shoot me. Message. Otherwise, thank you for watching this video.
You know, before you see the next one.