Configure Switch Port Security with MAC Address Sticky
In this tutorial, we will guide you through the steps to configure switch port security with a sticky MAC address. This configuration ensures that only a specific device can connect to a particular switch port, enhancing network security. We will use the following network topology:
Topology Overview
- Switch: S1
- Port: Fa0/1
- PC: PC1 with MAC address 000A.F3DA.18DA
Type of Switch Port Security
- Switch Port Security with Dynamic Port
- Switch Port Security with Manual Static MAC Address
- Switch Port Security with MAC Address Sticky
- Switch Port Security with Violation (Shutdown, Restrict, Protect)
Steps to Configure Switch Port Security
- Access the Switch Configuration Mode
Switch>enable Switch#configure terminal Switch(config)#hostname S1
- Select the Interface
S1(config)#interface fastEthernet 0/1
- Set the Interface Mode to Access
S1(config-if)#switchport mode access
- Enable Port Security
S1(config-if)#switchport port-security
- Configure Sticky MAC Address
S1(config-if)#switchport port-security mac-address sticky
- Exit Interface Configuration Mode
S1(config-if)#exit S1(config)#do write
Important Note
Before entering the write
command, generate any traffic from PC1 through S1 to make the switch learn the MAC address in port security. You can achieve this by pinging or accessing a website from PC1.
Result
After completing the above steps, only the PC with the MAC address 000A.F3DA.18DA can connect to the FastEthernet 0/1 (Fa0/1) port of switch S1. Any other MAC addresses will be disallowed.
By following these steps, you can effectively secure your network by ensuring that only authorized devices can connect to specific switch ports.