C
ONFIGURING
THE
S
WITCH
3-86
CLI
– This example generates a host-key pair using both the RSA and
DSA algorithms, stores the keys to flash memory, and then displays the
host’s public keys.
Configuring Port Security
Port security is a feature that allows you to configure a switch port with
one or more device MAC addresses that are authorized to access the
network through that port.
When port security is enabled on a port, the switch stops learning new
MAC addresses on the specified port. Only incoming traffic with source
addresses already stored in the dynamic or static address table will be
accepted as authorized to access the network through that port. If a device
with an unauthorized MAC address attempts to use the switch port, the
intrusion will be detected and the switch can automatically take action by
disabling the port and sending a trap message.
To use port security, first allow the switch to dynamically learn the
<source MAC address, VLAN> pair for frames received on a port for an
initial training period, and then enable port security to stop address
Console#ip ssh crypto host-key generate
4-48
Console#ip ssh save host-key
4-48
Console#show public-key host
4-48
Host:
RSA:
1024 65537
127250922544926402131336514546131189679055192360076028653006761
8240969094744832010252487896597759216832222558465238779154647980739
6314033869257931051057652122430528078658854857892726029378660892368
4142327591212760325919683697053439336438445223335188287173896894511
729290510813919642025190932104328579045764891
DSA:
ssh-dss AAAAB3NzaC1kc3MAAACBAN6zwIqCqDb3869jYVXlME1sHL0EcE/
Re6hlasfEthIwmjhLY4O0jqJZpcEQUgCfYlum0Py9ieGWQ8f2gobUZKIICu
Kg6vjO9XTs7XKc05xfzk26vFOgvUDFedlh5v8r0ea2r
pnO6DkZAAAAFQCNZn/x17dwpW8RrV DQ6QAAAIEAptkGeB6B5hwagH4g
UOCY6i1TmrmSiJgfwO9OqRPUuzxatOo7drSx5R9ywsa
1cWqHeFY5ilc3lDCNBueeRS+azTKIk/zrJh8GLG Nq375R55yRxFvmcGIn
Q7IphPqyJ3o9MK8LFDfmJEAAACAL8A6tESiswP2OFqX7VGoEbzVDSOI RTMFy
3iUXtvGyQAOVSy67Mfc3lMtgqPRUOYXDiwIBp5NXgilCg5z7VqbmRm28mWc5a//
f8TUAg PNWKV6W0hqmshQdoXKNTZj0uTwWfjO5Kytdn4MdoTHgrbl/
DMdAfjnte8MZZs=
Console#
Summary of Contents for 6128L2
Page 2: ......
Page 21: ...CONTENTS xvii Glossary Index ...
Page 22: ...CONTENTS xviii ...
Page 26: ...TABLES xxii ...
Page 40: ...INTRODUCTION 1 10 ...
Page 54: ...INITIAL CONFIGURATION 2 14 ...
Page 193: ...PORT CONFIGURATION 3 139 Figure 3 61 Displaying Etherlike and RMON Statistics ...
Page 257: ...QUALITY OF SERVICE 3 203 Figure 3 90 Configuring Policy Maps ...
Page 313: ...COMMAND GROUPS 4 13 PE Privileged Exec VC VLAN Database Configuration ...
Page 592: ...TROUBLESHOOTING B 4 ...
Page 605: ......