Savino
To pass your CCNA exam and earn this coveted certification, you need to understand the specifics of port-based authentication. This knowledge has a wonderful deal of value in production networks as properly, because this authentication scheme is routinely implemented. Let's take a look at this distinct CCNA skill.
Consider a situation where you have a server that will be connected to your switch, and you want the port to shut down if a device with a diverse MAC address that that of the switch attempts to connect to that port. You could also have a circumstance where you have somebody who has a connection to a switch port in his office, and he desires to make positive that only his laptop can use that port.
Both of these examples are real-planet situations, and there are two solutions for every. 1st, we could produce a static MAC entry for that specific switch port. I don't advise this, mainly due to the fact each you and I have much better factors to do than manage static MAC entries. The better resolution is to configure port-based authentication on the switch.
The Cisco switch utilizes MAC addresses to enforce port safety. With port safety, only devices with particular MAC addresses can connect to the port successfully. This is one more reason supply MACs are looked at just before the destination MAC is examined. If the source MAC is non-secure and port-based authentication is in effect, the destination does not matter, as the frame will not be forwarded. In essence, the source MAC address serves as the password. lennox warranty registration
MAC addresses that are allowed to successfully communicate with the switch port are secure MAC addresses. The default number of safe MAC addresses is 1, but a optimum of 132 secure MACs can be configured.
When a non-secure MAC address attempts to communicate with the switch port, a single of three actions will occur, depending on the port security mode. In Safeguard mode, frames with non-secure MAC addresses are dropped. There is no notification that a violation has occurred. The port will continue to switch frames for the safe MAC address.
In Restrict mode, the identical action is taken, but a syslog message is logged by means of SNMP, which is a messaging protocol used by Cisco routers.
In Shutdown mode, the interface goes into error-disabled state, the port LED will go out, and a syslog message is logged. The port has to be manually reopened. Shutdown mode is the default port-safety mode.
Port-based authentication is just 1 of the several switching skills you'll have to demonstrate to earn your CCNA certification. Make confident you know the basics shown right here, which includes the action of every single specific mode, and you happen to be on your way to CCNA exam achievement!