cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
673
Views
0
Helpful
5
Replies

Dynamic Port Security when is suggested to use

francota
Level 1
Level 1

Hello

I have a problem to understand the use of Dynamic Port Security, I mean what is the difference with standard behaviour?

I am making a lot of tests with packet tracer but I really dont undertsand the difference and when it is suggested to use.

 

Thanks for the help

5 Replies 5

Hello,

 

if you are talking about sticky and dynamic port security, below is the difference:

 

interface FastEthernet0/1
switchport mode access
switchport port-security
switchport port-security mac-address sticky
switchport port-security mac-address 0ab2.2c4f.aa34

 

--> sticky learned MAC addresses are added to the running-config

 

interface FastEthernet0/2
switchport mode access
switchport port-security

 

--> dynamically learned MAC addresses are not added to the running-config

Thank you for your answer.

Well my problem is with the difference between dynamic port security and the normal behaviour of a port in the switch.

I dont understand that, why I should use the dynamic port security??

 

thanks

Frank

The difference is that with port security being enabled, you can limit the number of devices that can connect to that port. For example, the command below will limit the number to 2.  If you don't have this command, it is unlimited by default.

switchport port-security maximum 2

 

HTH

I test on packet tracer giving on the interface f0/23 this comand:

ciccio(config-if)#switchport mode access

ciccio(config-if)#switchport port-security

ciccio(config-if)#switchport port-security maximum 1

Thank  I connected the pc1 to the f0/23  and it was able to ping the pc0, than I connected the pc2 to the f0/23 and it was able to ping the pc0 too

So I dont understand if I wrong something

 

Thanks

Maybe it is not clear what I wrote??

Frank

Review Cisco Networking for a $25 gift card