Posted filed under Cisco CCNP.

 

In order to Prevent Man-In-Middle Attack we will use Port Security (for Example to secure Port f0/3)

 

Step 1) Enable port-secuity

SW1(config)#interface FastEthernet0/3

SW1(config-if)# switchport mode access

SW1(config-if)# switchport port-security

 

Step 2) Tell Switch how many Mac address is allowed

SW1(config-if)# switchport port-security maximum 2

 

Step 3) Tell which Mac address is allowed (either automatic or statically)

SW1(config-if)# switchport port-security mac-address 1111.1111.1111

SW1(config-if)# switchport port-security mac-address sticky 0040.0B97.3490

 

Step 4) take Action; either protect, restrict or shutdown mode

SW1(config-if)# switchport port-security violation restrict

 —————————————————————————

To Become Cretified For Cisco CCNP Please Visit This Link

ccnp-port-security

              

Comments are closed.