U
SER
A
UTHENTICATION
3-59
Web – Click Security, Port Security. Set the action to take when an invalid
address is detected on a port, mark the checkbox in the Status column to
enable security for a port, set the maximum number of MAC addresses
allowed on a port, and click Apply.
Figure 3-28. Configuring Port Security
CLI – This example sets the command mode to Port 5, sets the port
security action to send a trap and disable the port, and then enables port
security for the switch.
Configuring 802.1x Port Authentication
Network switches can provide open and easy access to network resources
by simply attaching a client PC. Although this automatic configuration and
access is a desirable feature, it also allows unauthorized personnel to easily
intrude and possibly gain access to sensitive network data.
The IEEE 802.1x (dot1x) standard defines a port-based access control
procedure that prevents unauthorized access to a network by requiring
users to first submit credentials for authentication.
Access to all switch ports in a network can be centrally controlled from a
server, which means that authorized users can use the same credentials for
authentication from any point within the network.
Console(config)#interface ethernet 1/5
Console(config-if)#port security action trap-and-shutdown 4-101
Console(config-if)#port security
Console(config-if)#