SRI LANKA INSTITUTE OF

INFORMATION TECHNOLOGY

EC2402 - Computer Networks

Laboratory 04
Switch port Security

Name: Wijeruwan K.N.N

Student ID: EN21483592

1|Page
 Continuous Assessment Cover Sheet
Faculty of Engineering

Module Details
Module Code EC 2402 Module Title Computer Networks
Program: SLIIT Course: BSc

Assessment details
Title Switch port security Group assignment NO
If yes, Group No.
Lecturer/ Instructor Mr. Charith Sucharitharathna Date of
Performance
Due date 2022/11/05 Date submitted 2022/11/05

Student statement and signature

By this declaration, I/we confirm my/our understanding and acceptance that the work reported in this report is my/our own work. I/we also
understand the consequences of engaging in plagiarism or copying others work without proper citation. Any material used in this work
(whether from published sources, the internet or elsewhere) have been fully acknowledged and referenced and are without fabrication or
falsification of data.
[Copying or plagiarism will result in a “0” mark for the continuous assessment and “F” for the module after an investigation on academic
misconduct

All academic misconduct is considered seriously and defined as dishonest and in direct opposition to the values of a learning
community. Misconduct may result in penalties from failure to exclusion from the campus.
Further help and guidance on how to avoid academic misconduct can be obtained from your academic advisor/tutor]

By this declaration, I/we confirm my understanding and acceptance that-

• I/we have adhered to relevant ethical guidelines and procedures in the completion of the assignment.
• I/we have not allowed another student to have access to or copy from this work.
• This work has not been submitted previously.
[The Institute may request an electronic copy of this work for submission to the Plagiarism detection facility (TURNITIN). You must make
sure that an electronic copy of your work is available in these circumstances]

Details of the student/s submitting the assignment Signature

ID Number Name (As per the institute records)

EN21483592 Wijeruwan K.N.N

OFFICE USE ONLY

Receiving Officer (seal, Specific comments about the work (including overall comments
signature, date) and guidelines for improvement)

2|Page
1. Prepare the network in the last page of this lab sheet in the packet tracer.

2. Use the following table to provide IP addresses to the PCs.

3|Page
4|Page
3. Set the maximum allowed MAC address count of Switch 1 Fa0/1 interface to 3.

4. Issue the “show port-security address” command in Switch 1’s privilege mode to view the
secure MAC address table. What can you see as the current content?

5|Page
5. Ping from PC0 to PC4.

6. Again issue the “show port-security address” command in Switch 1’s privilege mode to view
the secure MAC address table. What can you see as the current content?

7. Now do the following pings.

PC1 to PC4 => Was the ping successful?
PC2 to PC4 => Was the ping successful?

6|Page
8. Again issue the “show port-security address” command in Switch 1’s privilege mode to view
the secure MAC address table. What can you see as the current content?

It could be observed that the MAC addresses are displayed in the MAC address table

9. Issue “show running-config” command in Switch 1’s privilege mode. Can you see any of the MAC
addresses in above step-8 listed under Fa0/1 interface in the running configurations? Why?

7|Page
The MAC addresses are not available because any PC wasn’t ping before to the switch to record MAC
addresses.

8|Page
10. Now ping from PC3 to PC4. Was the ping successful? If not why? What else can you observe
in Switch 1?

9|Page
11. Issue “show port-security interface fastEthernet 0/1” command in Switch 1’s privilege mode
and interpret the output.

12. Issue the “show port-security address” command in Switch 1’s privilege mode to view the
secure MAC address table. What can you see as the current content?

10 | P a g e
13. Do the following to bring up the Fa0/1 interface in Switch 1 back to online.

14. Assign PC4’s MAC address as a static secure MAC address in Switch 1’s Fa0/2 interface.

11 | P a g e
15. Issue the “show port-security address” command in Switch 1’s privilege mode to view the
secure MAC address table. What can you see as the current content?

12 | P a g e
16. Issue “show running-config” command in Switch 1’s privilege mode. Can you see the MAC
addresses in above step-15 listed under Fa0/2 interface in the running configurations? Why?

13 | P a g e
14 | P a g e
17. Now move to Switch 2 and set the maximum allowed MAC address count of Switch 2 Fa0/1
interface to 2.

18. Enable sticky secure MAC addresses in Switch 2’s Fa0/1 interface.

15 | P a g e
19. Issue the “show port-security address” command in Switch 2’s privilege mode to view the
secure MAC address table. What can you see as the current content?

20. Ping from PC5 to PC4 and PC6 to PC4. Was the pinging successful?

Pinging was successful

21. Again issue the “show port-security address” command in Switch 2’s privilege mode to view
the secure MAC address table. What can you see as the current content?

16 | P a g e
22. Issue “show running-config” command in Switch 2’s privilege mode. Can you see any of the
MAC addresses in above step-21 listed under Fa0/1 interface in the running configurations?
Why?

The two MAC addresses given above can be seen when we issue the running configuration. Because
the PCs were pinged once, the switch has these MAC addresses stored in it.

23. Ping from PC7 to PC4. Was the ping successful? If not why? What else can you observe in
Switch 2?

The pinging of PC7 to PC4 was unsuccessful because the maximum MAC addresses that we allowed
for the interface before is 2 and if it becomes three the network is violated.

17 | P a g e
24. Issue “show port-security interface fastEthernet 0/1” command in Switch 2’s privilege mode and
interpret the output.

25. Issue the “show port-security address” command in Switch 2’s privilege mode to view the
secure MAC address table. What can you see as the current content?

18 | P a g e
26. Do the following to bring up the Fa0/1 interface in Switch 2 back to online.

27. Does bringing up the interface clear the sticky secure MAC addresses from the secure MAC
address table or the running configuration?

No

28. Clear the sticky secure MAC addresses from the secure MAC address table and the running
configurations of Switch 2 manually.

19 | P a g e
29. Also practice with changing the violation mode of the secure switch ports.

Protect

20 | P a g e
Restrict

Shutdown

21 | P a g e