Cisco CCNA Certification Exam Tutorial: Port-Based Authentication

From BISAWiki

To pass your CCNA exam and earn this coveted certification, you need to understand the details of port-based authentication. This knowledge has a great deal of value in production networks as well, since this authentication scheme is regularly implemented. Let's take a look at this particular CCNA skill.

Consider a situation where you have a server that will be connected to your switch, and you want the port to shut down if a device with a different MAC address than that of the server attempts to connect to that port. You could also have a scenario where a user has a connection to a switch port in his office, and he wants to make sure that only his laptop can use that port.

Both of these examples are real-world scenarios, and there are two solutions for each. First, we could create a static MAC entry for that particular switch port. I don't recommend this, primarily because both you and I have better things to do than manage static MAC entries. The better solution is to configure port-based authentication on the switch.

The Cisco switch uses MAC addresses to enforce port security. With port security, only devices with certain MAC addresses can connect to the port successfully. This is another reason source MACs are looked at before the destination MAC is examined. If the source MAC is non-secure and port-based authentication is in effect, the destination does not matter, as the frame will not be forwarded. In essence, the source MAC address serves as the password.

MAC addresses that are allowed to successfully communicate with the switch port are secure MAC addresses. The default number of secure MAC addresses is 1, but a maximum of 132 secure MACs can be configured.

When a non-secure MAC address attempts to communicate with the switch port, one of three actions will occur, depending on the port security mode. In Protect mode, frames with non-secure MAC addresses are dropped. There is no notification that a violation has occurred. The port will continue to switch frames for the secure MAC address.

In Restrict mode, the same action is taken, but a syslog message is logged via SNMP, which is a messaging protocol used by Cisco routers.

In Shutdown mode, the interface goes into error-disabled state, the port LED will go out, and a syslog message is logged. The port has to be manually reopened. Shutdown mode is the default port-security mode.
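The three violation modes described above can be compared side by side with a small model. This is an added example, not Cisco code or part of the original tutorial; the `SecurePort` class, the `replay` helper and the MAC addresses are constructed for illustration.

```python
from dataclasses import dataclass, field

SERVER = "aaaa.bbbb.0001"   # constructed secure MAC
ROGUE = "dead.beef.0002"    # constructed non-secure MAC


@dataclass
class SecurePort:
    """Simplified model of one switch port with port security enabled."""
    secure_macs: frozenset
    mode: str = "shutdown"            # Shutdown is the default mode
    err_disabled: bool = False
    log: list = field(default_factory=list)

    def receive(self, src_mac: str) -> bool:
        """Return True if a frame with this source MAC is forwarded."""
        if self.err_disabled:
            return False              # port stays down until reopened by hand
        if src_mac in self.secure_macs:
            return True               # secure source MAC: frame is switched
        # Violation: the frame is dropped in every mode; modes differ in side effects.
        if self.mode == "restrict":
            self.log.append(f"violation: {src_mac}")
        elif self.mode == "shutdown":
            self.err_disabled = True
            self.log.append(f"violation: {src_mac}, port err-disabled")
        return False                  # protect mode: silent drop, nothing logged

    def reopen(self) -> None:
        """Model the manual step that brings an err-disabled port back up."""
        self.err_disabled = False


def replay(mode: str, frames: list):
    """Feed source MACs through a fresh port; return per-frame results and the port."""
    port = SecurePort(secure_macs=frozenset({SERVER}), mode=mode)
    return [port.receive(mac) for mac in frames], port


if __name__ == "__main__":
    for mode in ("protect", "restrict", "shutdown"):
        results, port = replay(mode, [SERVER, ROGUE, SERVER])
        print(mode, results, port.log, "err-disabled" if port.err_disabled else "up")
```

The replay sends a secure frame, a rogue frame, then another secure frame: only Shutdown mode stops forwarding for the legitimate device after the violation.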

Port-based authentication is just one of the many switching skills you are going to have to demonstrate to earn your CCNA certification. Make sure you know the fundamentals shown here, including the action of each particular mode, and you're on your way to CCNA exam success!
