How to Configure Port Security in Cisco Packet Tracer? – In the previous article, we briefly discussed Port Security in Cisco Switches. In this article, we will configure Port Security on the Cisco Switch using Cisco Packet Tracer.
How to Configure Port Security in Cisco Packet Tracer?

How to Configure Port Security in Cisco Packet Tracer?

How to Configure Port Security in Cisco Packet Tracer?

Configuring Port Security on Cisco Switches is a very simple process. To enable Port Security on the Cisco Switch, the interface is configured as an access port by first applying the Switchport Mode Access command on the interface.

Otherwise, this port will give a Dynamic port warning. Command ordering is important. For this reason, you need to translate any interface into the access port before configuring it.

After Port Security is enabled on the switch, we need to specify the Violation status on the interface. Violation status consists of 3 types. In this post, we will only apply the shutdown action to the interface violated. The Violation Shutdown option is the most robust method for Port Security on Cisco switches.

You can perform by watching the Restrict and Protect operations.

We talked about What is Port Security?. In this article, we will walk you through configuring Port Security on Cisco Packet Tracer.

Our Recommendation

You can purchase “Packet Tracer Network Simulator” from Amazon.

How to Enable Port Security in Cisco Packet Tracer?

We can now pass the steps to enable Cisco Switch Port Security in Cisco Packet Tracer.

   Step 1

Run the Cisco Packet Tracer program and create a topology similar to the one below. Assign the IP address to the Cisco Router, and then assign the IP address to the computers.

If you do not know how to do this, you can check out how to use Cisco Packet Tracer.

How to Configure Port Security in Cisco Packet Tracer?

   Step 2

Before you enable Port Security on Cisco Packet Tracer, perform a network connectivity test between the devices. Ping from PC0 to the Cisco Router interface and PC1 to test connectivity.

How to Configure Port Security in Cisco Packet Tracer?

   Step 3

Likewise, test the connection by pinging other devices from PC1. After the connection test, click on the Cisco Switch.

How to Configure Port Security in Cisco Packet Tracer?

   Step 4

Click the Cisco Switch CLI tab. Apply the Cisco Packet Tracer Port Security configuration commands in order.

[code] Switch#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#interface fastethernet0/1
Switch(config-if)#switchport mode access
Switch(config-if)#switchport port-security
Switch(config-if)#switchport port-security mac-address sticky
Switch(config-if)#switchport port-security maximum 1
Switch(config-if)#switchport port-security violation shutdown
Switch(config-if)#
Switch(config-if)#exit
Switch(config)#
Switch(config)#interface fastethernet0/2
Switch(config-if)#switchport mode access
Switch(config-if)#switchport port-security
Switch(config-if)#switchport port-security mac-address sticky
Switch(config-if)#switchport port-security maximum 1
Switch(config-if)#switchport port-security violation shutdown
Switch(config-if)#
Switch(config-if)#end
Switch#
[/code]

Port Security was enabled on the FastEthernet0/1 and FastEthernet0/2 interfaces on the Cisco Switch if we explain the above configuration commands. The Interface is set to interface access mode with Switchport Mode Access command. With the Mac-address sticky command, the MAC addresses of computers connected to the Cisco Switch interfaces are automatically stored.

With the maximum 1 command, only 1 MAC address will store and Port Security will provide.

In the event of any violation of these interfaces, the Fa0/1 or Fa0/2 interfaces will be shutdown.

How to Configure Port Security in Cisco Packet Tracer?

   Step 5

In Cisco Switch privileged mode, use the show port-security command. The SecurityViolation (Count) part is 0 because there is no violation on the interfaces.

How to Configure Port Security in Cisco Packet Tracer?

   Step 6

When we apply the show mac address-table command, we can see that the MAC addresses of the computers connected to the Cisco Switch stored in the table. These MAC addresses will compare in the case of violation.

How to Configure Port Security in Cisco Packet Tracer?

   Step 7

By executing Show port-security interface fa0/1, we can see the detailed information of the Cisco Switch FastEthernet0/1 interface.

How to Configure Port Security in Cisco Packet Tracer?

   Step 8

We have completed the steps to configure Port Security in Cisco Packet Tracer. Now let’s test the Port Security feature.

Add one more computer to the Packet Tracer workspace and configure the IP settings for this computer. Then, disconnect the cable between PC0 and Switch0.

How to Configure Port Security in Cisco Packet Tracer?

   Step 9

Once the PC2 computer has configured, connect to the Fa0/1 interface on Switch0.

How to Configure Port Security in Cisco Packet Tracer?

   Step 10

When we ping from PC2 to PC1, we can see that the process has failed. And immediately, the Cisco Switch sensed a violation in the Fa0/1 interface, matched the MAC address in the memory, and realized that it was different from the MAC address in the table.

How to Configure Port Security in Cisco Packet Tracer?

   Step 11

After the violation on the switch, let’s check the interface status by running the show ip interface brief command at the CLI command prompt.

As you can see in the image below, the FastEthernet0/1 interface went into Down state.

How to Configure Port Security in Cisco Packet Tracer?

   Step 12

Likewise, if we apply the show port-security command, we can see that there is an increase of 1 in the Violation Count section.

How to Configure Port Security in Cisco Packet Tracer?

   Step 13

Cisco Packet Tracer Port Security configuration successfully completed. However, a system administrator must manually open the port.

First, run the shutdown command and then say no shutdown to bring the Fa0/1 port to the Up state.

How to Configure Port Security in Cisco Packet Tracer?

   Step 14

Once the FastEthernet0/1 interface activated, connect the PC0 to the Switch again and perform the Ping test.

As you can see in the image below, PC0 has successfully connected to other devices on the network.

How to Configure Port Security in Cisco Packet Tracer?

Show Commands Related to How to Configure Port Security in Cisco Packet Tracer

Switch#show runRouter#show running-configSwitch#show port-securitySwitch#show mac address-tableSwitch#show port-security interface fa0/1
Switch#show run
Building configuration…

Current configuration : 1357 bytes
!
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname Switch
!
!
spanning-tree mode pvst
!
interface FastEthernet0/1
switchport mode access
switchport port-security
switchport port-security mac-address sticky
switchport port-security mac-address sticky 0001.43EC.7639
!
interface FastEthernet0/2
switchport mode access
switchport port-security
switchport port-security mac-address sticky
switchport port-security mac-address sticky 0007.EC9C.8167
!
interface FastEthernet0/3
!
interface FastEthernet0/4
!
interface FastEthernet0/5
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface FastEthernet0/16
!
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
no ip address
shutdown
!
!
line con 0
!
line vty 0 4
login
line vty 5 15
login
!
!
end
Switch#

Router#show running-config
Building configuration…

Current configuration : 620 bytes
!
version 15.1
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname Router
!
!
ip cef
no ipv6 cef
!
!
license udi pid CISCO1941/K9 sn FTX1524837C
!
!
!
spanning-tree mode pvst
!
!
!
interface GigabitEthernet0/0
ip address 192.168.5.1 255.255.255.0
duplex auto
speed auto
!
interface GigabitEthernet0/1
no ip address
duplex auto
speed auto
shutdown
!
interface Vlan1
no ip address
shutdown
!
ip classless
!
ip flow-export version 9
!
!
line con 0
!
line aux 0
!
line vty 0 4
login
!
!
end
Router#

Switch#show port-security
Secure Port MaxSecureAddr CurrentAddr SecurityViolation Security Action
(Count) (Count) (Count)
——————————————————————–
Fa0/1 1 0 0 Shutdown
Fa0/2 1 0 0 Shutdown
———————————————————————-
Switch#
Switch#show mac address-table
Mac Address Table
——————————————-

Vlan Mac Address Type Ports
—- ———– ——– —–

1 0001.43ec.7639 STATIC Fa0/1
1 0001.c7a9.d501 DYNAMIC Gig0/1
1 0007.ec9c.8167 STATIC Fa0/2
Switch#

Switch#show port-security interface fa0/1
Port Security : Enabled
Port Status : Secure-up
Violation Mode : Shutdown
Aging Time : 0 mins
Aging Type : Absolute
SecureStatic Address Aging : Disabled
Maximum MAC Addresses : 1
Total MAC Addresses : 1
Configured MAC Addresses : 0
Sticky MAC Addresses : 1
Last Source Address:Vlan : 0001.43EC.7639:1
Security Violation Count : 0
Switch#

How to Configure Port Security in Cisco Packet Tracer? ⇒ Video

You can watch how to configure Port Security in Cisco Packet Tracer and also subscribe to our YouTube channel…

  Final Word

How to Configure Port Security in Cisco Packet Tracer? – We implemented Port Security on the Cisco Switch. For more information on Port Security, you can read the articles on our site.

If this article is helpful, send me feedback by commenting! Thanks in advance, take care of yourself!

Also, you can add to browser bookmarks by pressing the CTRL+D to read this article later!

Articles How to Configure Port Security in Cisco Packet Tracer

Products Related to How to Configure Port Security in Cisco Packet Tracer
Related Products

File Related to How to Configure Port Security in Cisco Packet Tracer
Related File

You can download the topology configured on the Cisco Packet Tracer as a PKT file from the following to your computer.

Leave a Reply

Your email address will not be published. Required fields are marked *

5 + seventeen =