Free Certification Practice Tests and Study Guides
Join Us! | Login | Help




Switchport Security

 
Post new topic   Reply to topic     |##| -> |=|     MC MCSE Certification Forums -> CCENT/CCNA
View previous topic :: View next topic  
Author Message
fjohnson
Becoming a Regular
Becoming a Regular


Joined: 11 Aug 2010
Posts: 46
Location: New York

Post subject: Switchport Security
Posted: Wed Dec 01, 2010 12:42 pm
Reply with quote

Help others: Review your books and training products here

This question is in regards to mac-address sticky.
I thought the purpose of the sticky command was to be used when you have a device plugged into the port to capture the mac-address so you don't have to manually enter the mac-address? If it is, then I am doing something wrong.

#interface fa0/1
#switchport mode access
#switchport port-security
#switchport port-security mac-address sticky
#switchport port-security maximum 1
#switchport port-security violation shutdown
_________________
FJohnson
A+, Network+, MCSE 2000.
soon CCNA.
Back to top
Offline View user's profile Send private message
Headhunter
Moderator
Moderator


Joined: 26 Feb 2003
Posts: 5638
Location: New Zealand

Post subject:
Posted: Wed Dec 01, 2010 2:35 pm
Reply with quote

Help others: Review your books and training products here

is there a mac address in the sh run?
_________________
Koen
CCSI #30501 CCNP CCIP CCVP CCSP CCDP Cisco Advanced Wireless LAN Field Specialist Cisco Unity Design Specialist Cisco IP Telephony Design Specialist JNCIS-ES JNCIA-ER JNCIA-EX MCSE MCSA:Messaging
Back to top
Offline View user's profile Send private message Visit poster's website
kidvelvet
Moderator
Moderator


Joined: 10 May 2004
Posts: 3629
Location: Hillsboro, OR

Post subject:
Posted: Wed Dec 01, 2010 9:04 pm
Reply with quote

Help others: Review your books and training products here

Sticky keeps the mac address in the running config, and if a wr mem is performed, it will be there when there is a reboot. As HH said, is there a mac address in the running config?
_________________
kidvelvet
www.kidvelvet.net

Yes, your problem is the most important. Just like everybody else's.
Back to top
Offline View user's profile Send private message Visit poster's website
fjohnson
Becoming a Regular
Becoming a Regular


Joined: 11 Aug 2010
Posts: 46
Location: New York

Post subject:
Posted: Thu Dec 02, 2010 3:08 pm
Reply with quote

Help others: Review your books and training products here

No. I didn't put a mac address in, I was just doing a lab with two laptops and noticed when I connected them I had to always manually configure the mac-address.
_________________
FJohnson
A+, Network+, MCSE 2000.
soon CCNA.
Back to top
Offline View user's profile Send private message
Headhunter
Moderator
Moderator


Joined: 26 Feb 2003
Posts: 5638
Location: New Zealand

Post subject:
Posted: Thu Dec 02, 2010 4:10 pm
Reply with quote

Help others: Review your books and training products here

sim or real switch?
_________________
Koen
CCSI #30501 CCNP CCIP CCVP CCSP CCDP Cisco Advanced Wireless LAN Field Specialist Cisco Unity Design Specialist Cisco IP Telephony Design Specialist JNCIS-ES JNCIA-ER JNCIA-EX MCSE MCSA:Messaging
Back to top
Offline View user's profile Send private message Visit poster's website
fjohnson
Becoming a Regular
Becoming a Regular


Joined: 11 Aug 2010
Posts: 46
Location: New York

Post subject:
Posted: Thu Dec 02, 2010 9:36 pm
Reply with quote

Help others: Review your books and training products here

first tried it with the sim, but no part of the commands would work. Then tried it with my live rack, everything worked except for the sticky, where I had to input the mac-address manually.

basically if I had 12 workstations plugged in it would be hard to run to each machine and input each mac-address.
_________________
FJohnson
A+, Network+, MCSE 2000.
soon CCNA.
Back to top
Offline View user's profile Send private message
Headhunter
Moderator
Moderator


Joined: 26 Feb 2003
Posts: 5638
Location: New Zealand

Post subject:
Posted: Fri Dec 03, 2010 1:32 am
Reply with quote

Help others: Review your books and training products here

change maximum to 2
and do sh run
on the live rack
_________________
Koen
CCSI #30501 CCNP CCIP CCVP CCSP CCDP Cisco Advanced Wireless LAN Field Specialist Cisco Unity Design Specialist Cisco IP Telephony Design Specialist JNCIS-ES JNCIA-ER JNCIA-EX MCSE MCSA:Messaging
Back to top
Offline View user's profile Send private message Visit poster's website
fjohnson
Becoming a Regular
Becoming a Regular


Joined: 11 Aug 2010
Posts: 46
Location: New York

Post subject:
Posted: Fri Dec 03, 2010 12:54 pm
Reply with quote

Help others: Review your books and training products here

May I ask why 2? what I have read was that if you have the machines plugged in and then you put in the sticky command it captures that specific mac-address and stores it so no other device can connect.
_________________
FJohnson
A+, Network+, MCSE 2000.
soon CCNA.
Back to top
Offline View user's profile Send private message
Headhunter
Moderator
Moderator


Joined: 26 Feb 2003
Posts: 5638
Location: New Zealand

Post subject:
Posted: Fri Dec 03, 2010 2:26 pm
Reply with quote

Help others: Review your books and training products here

bug, we use 3 for phone and pc or it doesn't work
_________________
Koen
CCSI #30501 CCNP CCIP CCVP CCSP CCDP Cisco Advanced Wireless LAN Field Specialist Cisco Unity Design Specialist Cisco IP Telephony Design Specialist JNCIS-ES JNCIA-ER JNCIA-EX MCSE MCSA:Messaging
Back to top
Offline View user's profile Send private message Visit poster's website
fjohnson
Becoming a Regular
Becoming a Regular


Joined: 11 Aug 2010
Posts: 46
Location: New York

Post subject:
Posted: Fri Dec 03, 2010 7:42 pm
Reply with quote

Help others: Review your books and training products here

It worked. Ok so I had the devices unplugged then I set the maximum to 2 and input the other commands. I then plugged in two separate devices and did the "show run" and saw the mac-address in the config. I then swapped the devices to test it and sure enough it worked.

So I guess that is the answer to my question. You have to have the devices unplugged before you do the commands.
_________________
FJohnson
A+, Network+, MCSE 2000.
soon CCNA.
Back to top
Offline View user's profile Send private message
fjohnson
Becoming a Regular
Becoming a Regular


Joined: 11 Aug 2010
Posts: 46
Location: New York

Post subject:
Posted: Fri Dec 03, 2010 8:14 pm
Reply with quote

Help others: Review your books and training products here

Ok did some more testing and this time I did maximum 1 and configured the ports with the devices plugged in and SUCCESS.

Thank you
_________________
FJohnson
A+, Network+, MCSE 2000.
soon CCNA.
Back to top
Offline View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic     |##| -> |=|     MC MCSE Certification Forums -> CCENT/CCNA All times are GMT - 5 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum






IT Showcase