To pass your CCNA exam and earn this coveted certification, you need to understand the specifics of port-based authentication. This information has a great deal of value in production networks as well, because this authentication scheme is often implemented. Let's take a look at this particular CCNA skill.
Consider a situation where you have a server that will be connected to your switch, and you want the port to shut down if a device with a different MAC address than that of the server attempts to connect to that port. You could also have a situation where a user has a connection to a switch port in his office, and he wants to make certain that only his laptop can use that port.
Both of these examples are real-world situations, and there are two solutions for each. First, we could create a static MAC entry for that particular switch port. I do not recommend this, mainly because both you and I have better things to do than manage static MAC entries. The better solution is to configure port-based authentication on the switch.
The Cisco switch uses MAC addresses to enforce port security. With port security, only devices with particular MAC addresses can connect to the port successfully. This is another reason source MACs are examined before the destination MAC. If the source MAC is non-secure and port-based authentication is in effect, the destination does not matter, as the frame will not be forwarded. In essence, the source MAC address serves as the password.
MAC addresses that are allowed to successfully communicate with the switch port are secure MAC addresses. The default number of secure MAC addresses is 1, but a maximum of 132 secure MACs can be configured.
When a non-secure MAC address attempts to communicate with the switch port, one of three actions will occur, depending on the port security mode. In Protect mode, frames with non-secure MAC addresses are dropped. There is no notification that a violation has occurred. The port will continue to switch frames for the secure MAC address.
In Restrict mode, the same action is taken, but a syslog message is logged via SNMP, which is a messaging protocol used by Cisco routers.
In Shutdown mode, the interface goes into the error-disabled state, the port LED will go out, and a syslog message is logged. The port has to be manually reopened. Shutdown mode is the default port-security mode.
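The three violation modes described above, as a small Python model added here for illustration (it is not Cisco code and not part of the original article). The class and function names, the violation counter, the sample MAC addresses, and the assumption that the first source MACs seen are learned as secure up to the maximum are all constructed for this example.

```python
from dataclasses import dataclass, field

LAPTOP = "00:11:22:33:44:55"   # constructed sample: the authorised device
ROGUE = "66:77:88:99:aa:bb"    # constructed sample: an unknown device

@dataclass
class SecurePort:
    """Simplified model of one switch port with port security enabled."""
    mode: str = "shutdown"      # Shutdown is the default mode
    maximum: int = 1            # default number of secure MACs is 1
    secure_macs: set = field(default_factory=set)
    err_disabled: bool = False
    violations: int = 0         # hypothetical counter for this model
    log: list = field(default_factory=list)

    def __post_init__(self):
        if self.mode not in ("protect", "restrict", "shutdown"):
            raise ValueError(f"unknown violation mode: {self.mode}")

    def receive(self, src_mac: str) -> bool:
        """Return True if a frame with this source MAC is forwarded."""
        src_mac = src_mac.lower()
        if self.err_disabled:
            return False                    # port is down for every device
        if src_mac in self.secure_macs:
            return True
        if len(self.secure_macs) < self.maximum:
            self.secure_macs.add(src_mac)   # assumption: learned dynamically
            return True
        # Non-secure source MAC: the destination MAC is never consulted.
        if self.mode == "protect":
            return False                    # dropped, no notification
        self.violations += 1
        self.log.append(f"violation src={src_mac} mode={self.mode}")
        if self.mode == "shutdown":
            self.err_disabled = True        # stays down until reopened
        return False

    def reopen(self) -> None:
        """Manual recovery by an administrator."""
        self.err_disabled = False

def replay(mode: str, frames: list):
    """Feed source MACs through a fresh port; return (decisions, port)."""
    port = SecurePort(mode=mode)
    return [port.receive(mac) for mac in frames], port

if __name__ == "__main__":
    for mode in ("protect", "restrict", "shutdown"):
        decisions, port = replay(mode, [LAPTOP, ROGUE, LAPTOP])
        print(mode, decisions, port.log, port.err_disabled)
```

Replaying the same three frames in each mode shows the operational difference: in Shutdown mode the authorised laptop also loses connectivity after a single violation, until the port is reopened.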
Port-based authentication is just one of the many switching skills you will have to demonstrate to earn your CCNA certification. Make sure you know the basics shown here, including the action of each mode, and you are on your way to CCNA exam success!