S21交换机(端口+IP+MAC)配置模板
S21交换机(端口+IP+MAC)配置模板:
IP+MAC+端口:
例:在端口F0/2上绑定:IP:192.168.12.202 MAC: 00d0.f800.073c的主机。
Switch# configure terminal
!进入全局配置模式
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)# interface fastethernet 0/2
!进入端口2配置模式
Switch(config-if)# switchport mode access
!把端口模式改为access口
Switch(config-if)# switchport port-security
!启用端口安全
Switch(config-if)# switchport port-security maximum 24
!最多允许24个mac地址,最大128
Switch(config-if)# switchport port-security mac-address 00d0.f800.073c
!端口和mac地址的绑定
Switch(config-if)# switchport port-security mac-address 00d0.f800.073c ip-address 192.168.12.202
!端口+mac地址+ip地址绑定
Switch(config-if)# end
Switch#wr
例:在端口F0/2上绑定:IP:192.168.12.202 MAC: 00d0.f800.073c的主机。
Switch# configure terminal
!进入全局配置模式
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)# interface fastethernet 0/2
!进入端口2配置模式
Switch(config-if)# switchport mode access
!把端口模式改为access口
Switch(config-if)# switchport port-security
!启用端口安全
Switch(config-if)# switchport port-security maximum 24
!最多允许24个mac地址,最大128
Switch(config-if)# switchport port-security mac-address 00d0.f800.073c
!端口和mac地址的绑定
Switch(config-if)# switchport port-security mac-address 00d0.f800.073c ip-address 192.168.12.202
!端口+mac地址+ip地址绑定
Switch(config-if)# end
Switch#wr
下面是操作时的截图:
Initializing...
Done
Done
2006-03-10 14:57:06 @5-COLDSTART:System coldstart
Switch>
Switch>
Switch>en
Password:
Switch#config t
Enter configuration commands, one per line. End with CNTL/Z. Switch(config)#interface f 0/2
2006-03-10 14:57:38 @5-CONFIG:Configured from outband Switch(config-if)#switchport mode access
2006-03-10 14:58:32 @5-CONFIG:Configured from outband
Switch(config-if)#switchport port-security
Switch(config-if)#switchport port-security maximum 24
2006-03-10 15:04:51 @5-CONFIG:Configured from outband
Switch(config-if)#Switch(config-if)#switchport port-security mac-address 00d0.f800.073c
2006-03-10 15:24:56 @5-CONFIG:Configured from outband
Switch(config-if)#$rity mac-address 00d0.f800.073c ip-address 192.168.12.202
2006-03-10 15:25:13 @5-CONFIG:Configured from outband
% Prompt: enable ARP check can provide more secure policy to refuse illegal ARP
packet.
Switch(config-if)#end
2006-03-10 15:25:43 @5-CONFIG:Configured from outband
Switch#wr
Building configuration...
[OK]
Switch#
Switch>
Switch>en
Password:
Switch#config t
Enter configuration commands, one per line. End with CNTL/Z. Switch(config)#interface f 0/2
2006-03-10 14:57:38 @5-CONFIG:Configured from outband Switch(config-if)#switchport mode access
2006-03-10 14:58:32 @5-CONFIG:Configured from outband
Switch(config-if)#switchport port-security
Switch(config-if)#switchport port-security maximum 24
2006-03-10 15:04:51 @5-CONFIG:Configured from outband
Switch(config-if)#Switch(config-if)#switchport port-security mac-address 00d0.f800.073c
2006-03-10 15:24:56 @5-CONFIG:Configured from outband
Switch(config-if)#$rity mac-address 00d0.f800.073c ip-address 192.168.12.202
2006-03-10 15:25:13 @5-CONFIG:Configured from outband
% Prompt: enable ARP check can provide more secure policy to refuse illegal ARP
packet.
Switch(config-if)#end
2006-03-10 15:25:43 @5-CONFIG:Configured from outband
Switch#wr
Building configuration...
[OK]
Switch#
模版如下:
configure terminal
interface fastethernet 0/2
switchport mode access
switchport port-security
switchport port-security maximum 24
switchport port-security mac-address 00d0.f800.073c
switchport port-security mac-address 00d0.f800.073c ip-address 192.168.12.202
end
configure terminal
interface fastethernet 0/2
switchport mode access
switchport port-security
switchport port-security maximum 24
switchport port-security mac-address 00d0.f800.073c
switchport port-security mac-address 00d0.f800.073c ip-address 192.168.12.202
end
S21交换机(端口+IP)配置模板:
配置信息:
Switch#show run
Switch#show run
System software version : 1.63 Build Jan 6 2006 Rel
Building configuration...
Current configuration : 1183 bytes
Current configuration : 1183 bytes
!
version 1.0
!
no enable services web-server
hostname Switch
vlan 1
!
enable secret level 1 5 &tPaein'qu}bfjo+rv8cgkE,sm`dhl&-
enable secret level 15 5 &tsv'~1'quT7+.t{rvV/,|7zs\W&-/-a
!
interface fastEthernet 0/5
switchport port-security violation shutdown
!当出现端口和IP不匹配的情况,端口自动关闭。
switchport port-security aging time 2
switchport port-security ip-address 10.32.1.48
switchport port-security ip-address 10.32.1.49
!
interface fastEthernet 0/6
switchport port-security
switchport port-security violation shutdown
switchport port-security aging time 2
switchport port-security ip-address 10.32.1.50
!
interface vlan 1
no shutdown
ip address 10.32.1.10 255.255.255.0
!
ip default-gateway 10.32.1.1
snmp-server community public ro
end
version 1.0
!
no enable services web-server
hostname Switch
vlan 1
!
enable secret level 1 5 &tPaein'qu}bfjo+rv8cgkE,sm`dhl&-
enable secret level 15 5 &tsv'~1'quT7+.t{rvV/,|7zs\W&-/-a
!
interface fastEthernet 0/5
switchport port-security violation shutdown
!当出现端口和IP不匹配的情况,端口自动关闭。
switchport port-security aging time 2
switchport port-security ip-address 10.32.1.48
switchport port-security ip-address 10.32.1.49
!
interface fastEthernet 0/6
switchport port-security
switchport port-security violation shutdown
switchport port-security aging time 2
switchport port-security ip-address 10.32.1.50
!
interface vlan 1
no shutdown
ip address 10.32.1.10 255.255.255.0
!
ip default-gateway 10.32.1.1
snmp-server community public ro
end
