端口安全基本配置

1.top图

2.交换机配置

复制代码
交换机swa
<SWA> system-view
[SWA] vlan batch 10 20


[SWA] interface GigabitEthernet0/0/1
[SWA-GigabitEthernet0/0/1] port link-type trunk
[SWA-GigabitEthernet0/0/1] port trunk allow-pass vlan 10


[SWA] interface GigabitEthernet0/0/2
[SWA-GigabitEthernet0/0/2] port link-type trunk
[SWA-GigabitEthernet0/0/2] port trunk allow-pass vlan 20

交换机swb
<SWB> system-view
[SWB] vlan 10
[SWB-vlan10] quit
[SWB] interface GigabitEthernet0/0/1   
[SWB-GigabitEthernet0/0/1] port link-type access
[SWB-GigabitEthernet0/0/1] port default vlan 10
[SWB] interface GigabitEthernet0/0/2    
[SWB-GigabitEthernet0/0/2] port link-type access
[SWB-GigabitEthernet0/0/2] port default vlan 10
[SWB-GigabitEthernet0/0/1] port-security enable
[SWB-GigabitEthernet0/0/1] port-security max-mac-num 1
[SWB-GigabitEthernet0/0/1] port-security mac-address static 5489-983F-24E5 vlan 10
[SWB-GigabitEthernet0/0/1] port-security protect-action shutdown
[SWB-GigabitEthernet0/0/2] port-security enable
[SWB-GigabitEthernet0/0/2] port-security max-mac-num 1
[SWB-GigabitEthernet0/0/2] port-security mac-address static 5489-98a4-2424 vlan 10
[SWB-GigabitEthernet0/0/2] port-security protect-action shutdown
[SWB] interface GigabitEthernet0/0/3
[SWB-GigabitEthernet0/0/24] port link-type trunk
[SWB-GigabitEthernet0/0/24] port trunk allow-pass vlan 10

交换机swc
<SWC> system-view
[SWC] vlan 20
[SWC-vlan20] quit
[SWC] interface GigabitEthernet0/0/1    
[SWC-GigabitEthernet0/0/1] port link-type access
[SWC-GigabitEthernet0/0/1] port default vlan 20
[SWC] interface GigabitEthernet0/0/2    
[SWC-GigabitEthernet0/0/2] port link-type access
[SWC-GigabitEthernet0/0/2] port default vlan 20
[SWC-GigabitEthernet0/0/1] port-security enable
[SWC-GigabitEthernet0/0/1] port-security max-mac-num 1
[SWC-GigabitEthernet0/0/1] port-security mac-address dynamic
[SWC-GigabitEthernet0/0/1] port-security aging-time 5   
[SWC-GigabitEthernet0/0/1] port-security protect-action restrict
[SWC-GigabitEthernet0/0/2] port-security enable
[SWC-GigabitEthernet0/0/2] port-security max-mac-num 1
[SWC-GigabitEthernet0/0/2] port-security mac-address dynamic
[SWC-GigabitEthernet0/0/2] port-security aging-time 5
[SWC-GigabitEthernet0/0/2] port-security protect-action restrict
[SWC] interface GigabitEthernet0/0/3
[SWC-GigabitEthernet0/0/24] port link-type trunk
[SWC-GigabitEthernet0/0/24] port trunk allow-pass vlan 20

3.ping

相关推荐
黑岚樱梦13 小时前
计算机网络第四章学习
网络·学习·计算机网络
微小冷13 小时前
ARP协议详解及其Wireshark抓包测试
网络·测试工具·wireshark·抓包·tcp/ip协议·arp协议·地址解析协议
咬_咬13 小时前
C++仿mudo库高并发服务器项目:Buffer模块
服务器·开发语言·c++·缓冲区·buffer·muduo库
刘岩Tony13 小时前
ssh别名和多服务器同步文件
运维·服务器·ssh
zzy208874027113 小时前
自定义服务器实现时间同步
运维·服务器
LXY_BUAA13 小时前
在电脑中安装双系统(win11 + linux)20251019
linux·运维·服务器
用户479492835691513 小时前
什么是XSS攻击,怎么预防,一篇文章带你搞清楚
前端·javascript·安全
RTC老炮13 小时前
webrtc弱网-RembThrottler类源码分析及算法原理
网络·算法·webrtc
白帽子黑客罗哥13 小时前
云原生安全深度实战:从容器安全到零信任架构
安全·云原生·架构·零信任·容器安全·kubernetes安全·服务网络
Rverdoser13 小时前
关于网站整体实现流程有哪些
服务器