Hands-on Labs
639
9.
Verify that the switch is IP-less by typing show ip.
10.
Set the IP address, subnet mask, and default gateway of the switch:
config t
ip address 172.16.10.100 255.255.255.0
ip default-gateway 172.16.10.1
11.
Verify the configuration by typing show ip.
12.
Type show mac-address-table to see the forwarding table. Notice
that all MAC addresses have been found dynamically.
13.
Add a static entry into the filter table by using the permanent command:
config t
mac-address-table permanent 083c.0000.0001 e0/9
14.
Type show mac-address-table, and notice the permanent entry for
interface e0/9.
15.
Use the mac-address-table restricted static global configura-
tion command to associate a restricted static address with a particular
switched-port interface:
config t
mac-address-table restricted static 083c.0000.0002
e0/3 e0/4
The above command only allows traffic to the restricted static address
083c.0000.0002 on interface e0/3 from interface e0/4.
16.
Go to interface e0/1 and use the port secure max-mac-count 1 com-
mand to enable addressing security and allow only one MAC address
in the filter table on that port. By default, up to 132 MAC addresses
can be associated with a single port. By using this command, we will
allow only one workstation:
config t
int e0/1
port secure max-mac-count 1
17.
Verify which ports have port security on them by typing show
mac-address-table
security. Notice that port e0/1 security is
enabled.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com