I'm kinda new to R&S and just started learning through CBT Nuggets, and I got to port security and have a question:
In Packet Tracer I made a model of normalSwitch-normalPC and "evil" switch-"evil" PC; as the name suggests, it is evil.
So I configured the normal switch's port security with max: 1, MAC sticky, violation: shutdown, so no one else should connect through that port, and when I disconnected the normal PC and replaced it with evilSwitch it worked as expected.
BUT when I change violation to restrict, the colors between the normal switch and the "evil" switch turn green (!) and no warning is on my console.
Shouldn't the sticky MAC prevent the evil switch from connecting? And why is there no warning on the screen?
Thanks, Eli!
Thanks for the comment,
The security violation count jumped to astronomical amounts, 700~! And later on even to 1000~...
(checked by "show port-security interface fa 0/1")
By your explanation it seems I've done everything right...
Edit: Added a screenshot
Apparently there's a bug in PT that doesn't allow me to trace a packet. I'm starting to think I've done everything right.
By the way the counter is incrementing automatically even with no action to trigger it... seems odd...
EDIT: I tried installing GNS3 because solving this issue is important to me, but this program is REALLY annoying....
Got tons of questions in the installation process and now it wants to connect to a server and fails. This is so frustrating....
The commands below have been run on a Cisco Catalyst 2960 device and help with port-security troubleshooting. I cannot be sure if they all work in Packet Tracer.
Did you save the running config after you enabled port sec MAC sticky? Otherwise the dynamically learned MAC isn’t saved to the CAM table and it will then have to be relearnt, so that's possibly why it allowed you to add a different device.
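
Added example, not part of any post in this thread: a small Python model of how the three Cisco port-security violation modes (protect, restrict, shutdown) treat frames from an unlearned source MAC once the sticky table is full, which is the behaviour the question turns on. The class and function names (`SecurePort`, `replay`) and the MAC addresses are constructed for this illustration.

```python
# Added illustration: toy model of Cisco port-security violation modes.
# SecurePort, replay and the MAC addresses below are constructed for this example.
from dataclasses import dataclass, field

@dataclass
class SecurePort:
    violation: str = "shutdown"                 # "protect", "restrict" or "shutdown"
    maximum: int = 1                            # max secure addresses on the port
    sticky: set = field(default_factory=set)    # sticky-learned secure MACs
    err_disabled: bool = False                  # True once the port is shut down
    violation_count: int = 0
    log: list = field(default_factory=list)

    def receive(self, src_mac: str) -> bool:
        """Return True if the frame is forwarded, False if it is dropped."""
        if self.err_disabled:
            return False                        # port is down, nothing passes
        if src_mac in self.sticky:
            return True                         # known secure address
        if len(self.sticky) < self.maximum:
            self.sticky.add(src_mac)            # learn until maximum is reached
            return True
        # Violation: unknown source MAC while the secure table is full.
        if self.violation == "protect":
            return False                        # silent drop: no counter, no log
        self.violation_count += 1               # restrict and shutdown both count
        self.log.append(f"violation by {src_mac}")
        if self.violation == "shutdown":
            self.err_disabled = True            # link goes down (err-disabled)
        return False                            # restrict: drop, link stays up

def replay(mode: str, frames: list) -> SecurePort:
    """Feed a list of source MACs through a fresh port in the given mode."""
    port = SecurePort(violation=mode)
    for mac in frames:
        port.receive(mac)
    return port

# Constructed traffic: the normal PC is learned first, then the replacement
# switch keeps sending frames of its own (for example periodic control traffic).
NORMAL_PC = "0001.aaaa.0001"
EVIL_SWITCH = "0002.bbbb.0002"
FRAMES = [NORMAL_PC] + [EVIL_SWITCH] * 5

if __name__ == "__main__":
    for mode in ("protect", "restrict", "shutdown"):
        p = replay(mode, FRAMES)
        print(mode, "err_disabled:", p.err_disabled, "violations:", p.violation_count)
```

In this model, restrict leaves the link up and counts one violation per dropped frame, while shutdown counts a single violation and then disables the port.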