掌握交换机mac地址绑定的方法

Windows 2003，Cisco模拟器

交换机的端口安全，是一种交换机的过滤策略，即为交换机的某个端口绑定一个固定的mac地址，使其他的mac地址访问的时候触发策略，down掉端口或者拒绝服务。

代码块：

Switch>enable
Switch#config terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Switch(config)#interface vlan 1
Switch(config-if)#ip address 192.168.1.100 255.255.255.0
Switch(config-if)#no shutdown
Switch(config-if)#
%LINK-5-CHANGED: Interface Vlan1, changed state to up
    
%LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to up
Switch(config-if)#exit
Switch(config)#exit
Switch#
%SYS-5-CONFIG_I: Configured from console by console

代码块：

Switch#config t
Enter configuration commands, one per line.  End with CNTL/Z.
Switch(config)#interface Fa 0/5
Switch(config-if)#switchport mode access
Switch(config-if)#switchport port-security
Switch(config-if)#switchport port-security mac-address 000A.F34C.8499
Switch(config-if)#exit
Switch(config)#exit
Switch#
%SYS-5-CONFIG_I: Configured from console by console

Switch#show port-security
Secure Port MaxSecureAddr CurrentAddr SecurityViolation Security Action
               (Count)       (Count)        (Count)
--------------------------------------------------------------------
        Fa0/5        1          1                 0         Shutdown
----------------------------------------------------------------------
Switch#show port-security address
			Secure Mac Address Table
-------------------------------------------------------------------------------
Vlan	Mac Address	Type			Ports		Remaining Age
								(mins)
----	-----------	----			-----		-------------
1	000A.F34C.8499	SecureConfigured	FastEthernet0/5		-
------------------------------------------------------------------------------
Total Addresses in System (excluding one mac per port)     : 0
Max Addresses limit in System (excluding one mac per port) : 1024
Switch#

计算机A ping通：

计算机B ping 不通

计算机连接如图：