SW2>en
SW2#config t
Enter configuration commands, one per line. End with CNTL/Z.
SW2(config)#
SW2(config)#
SW2(config)#int f0/1
SW2(config-if)#swi port-security
SW2(config-if)#swi port-security maximum 1--------à设置最大连接数
SW2(config-if)#swi port-security violation shutdown----à如果超过最大连接数,立刻down
SW2(config-if)#swi port-security mac-address 000D.BD8B.7BB5---à端口绑定mac
SW2(config-if)#end
SW2#
%SYS-5-CONFIG_I: Configured from console by console
SW2#
SW2#
SW2#
SW2#
SW2#show por
SW2#show port-security
Secure Port MaxSecureAddr CurrentAddr SecurityViolation Security Action
(Count) (Count) (Count)
--------------------------------------------------------------------
Fa0/1 1 1 0 Shutdown -------à最大MAC绑定连接数
----------------------------------------------------------------------
SW2#
SW2#
SW2#
SW2#
SW2#
SW2#
SW2#show por
SW2#show port-security
Secure Port MaxSecureAddr CurrentAddr SecurityViolation Security Action
(Count) (Count) (Count)
--------------------------------------------------------------------
Fa0/1 1 1 0 Shutdown
----------------------------------------------------------------------
SW2#
SW2#
SW2#
SW2#
SW2#
SW2#
SW2#
SW2#show por
SW2#show port-security add
Secure Mac Address Table
-------------------------------------------------------------------------------
Vlan Mac Address Type Ports Remaining Age
(mins)
---- ----------- ---- ----- -------------
2 000D.BD8B.7BB5 SecureConfigured FastEthernet0/1 – MAC地址
------------------------------------------------------------------------------
Total Addresses in System (excluding one mac per port) : 0
Max Addresses limit in System (excluding one mac per port) : 1024
SW2#
SW2#
%LINK-5-CHANGED: Interface FastEthernet0/1, changed state to down
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down
%LINK-5-CHANGED: Interface FastEthernet0/1, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up
%LINK-5-CHANGED: Interface FastEthernet0/1, changed state to administratively down
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down
SW2#
SW2#
那么绑定成功之后,换任何一台PC都是没有用的,他会直接down,如果某员工走了,我们想使用这个端口连接新的设备怎么办?
SW2>enable
SW2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
SW2(config)#interface FastEthernet0/2
SW2(config-if)#int f0/1
SW2(config-if)#ip po
SW2(config-if)#
SW2(config-if)#swi por
SW2(config-if)#swi port-security mac
SW2(config-if)#swi port-security mac-address 0004.9A4C.7D2B--------à设置新的MAC绑定,但是不行,因为最大设备连接数为1
Total secure mac-addresses on interface FastEthernet0/1 has reached maximum limit.
SW2(config-if)#
SW2(config-if)#
SW2(config-if)#
SW2(config-if)#
SW2(config-if)#no sw
SW2(config-if)#no swi po
SW2(config-if)#no swi port-security m
SW2(config-if)#no swi port-security ma
SW2(config-if)#no swi port-security mac
SW2(config-if)#no swi port-security mac-address ----àno MAC绑定
% Incomplete command.
SW2(config-if)#
SW2(config-if)#
SW2(config-if)#
SW2(config-if)#
SW2(config-if)#end
SW2#
%SYS-5-CONFIG_I: Configured from console by console
SW2#
SW2#show por
SW2#show port-security add
Secure Mac Address Table
-------------------------------------------------------------------------------
Vlan Mac Address Type Ports Remaining Age
(mins)
---- ----------- ---- ----- -------------
2 000D.BD8B.7BB5 SecureConfigured FastEthernet0/1 -
------------------------------------------------------------------------------
Total Addresses in System (excluding one mac per port) : 0
Max Addresses limit in System (excluding one mac per port) : 1024
SW2#
SW2#
SW2#config t
SW2#config terminal
Enter configuration commands, one per line. End with CNTL/Z.
SW2(config)#
SW2(config)#int f0/1
SW2(config-if)#no switchport port-security mac-address 000D.BD8B.7BB5-----à取消之前的绑定
SW2(config-if)#swi port-security mac-address 0004.9A4C.7D2B------------à新绑定
SW2(config-if)#
SW2(config-if)#
SW2(config-if)#
SW2(config-if)#shutdown
%LINK-5-CHANGED: Interface FastEthernet0/1, changed state to
SW2(config)#int f0/1
SW2(config-if)#shutdown
SW2(config-if)#no shutdown
SW2(config-if)#
%LINK-5-CHANGED: Interface FastEthernet0/1, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up