Configure Switch Port Security with Manual Static MAC Address
In this tutorial, we will learn how to configure switch port security with a manual static MAC address on a Cisco switch. This configuration ensures that only a device with a specific MAC address can connect to a particular switch port, enhancing network security by preventing unauthorized devices from accessing the network.
Topology
Topology Overview
The topology consists of a switch (S1) and a PC (PC1). The PC is connected to the switch’s FastEthernet 0/1 (Fa0/1) port. We will configure port security on this switch port to allow only the PC with a specific MAC address (000A.F3DA.18DA) to connect to it.
Type of Switch Port Security
- Switch Port Security with Dynamic Port
- Switch Port Security with Manual Static MAC Address
- Switch Port Security with MAC Address Sticky
- Switch Port Security with Violation (Shutdown, Restrict, Protect)
Steps to Configure Switch Port Security
- Enter privileged EXEC mode:
Switch>enable
- Enter global configuration mode:
Switch#configure terminal
- Set the hostname for the switch (optional):
Switch(config)#hostname S1
- Specify the interface to be configured:
S1(config)#interface fastEthernet 0/1
- Set the port to access mode:
S1(config-if)#switchport mode access
- Enable port security:
S1(config-if)#switchport port-security
- Assign a static MAC address to the port:
S1(config-if)#switchport port-security mac-address 000A.F3DA.18DA
- Exit interface configuration mode:
S1(config-if)#exit
- Save the configuration:
S1(config)#do write
Summary
By following the above steps, we have successfully configured switch port security on interface FastEthernet 0/1 to allow only the device with MAC address 000A.F3DA.18DA
to connect. Any other device with a different MAC address will be disallowed from accessing this port.
Verification
To verify the configuration, you can use the following command to check the port security settings:
S1#show port-security interface fastEthernet 0/1
This command will display the port security details, including the MAC address allowed and the security status of the port.
Conclusion
Switch port security is a crucial feature to secure your network by restricting access to only authorized devices. Configuring a manual static MAC address adds an extra layer of security, ensuring that only a specific device can connect to the network through a designated port.