Fa0/1 hwidb = 0x807D6C98 00:55:55: PSECURE: No change in violation_mode 00:55:55: PSECURE: psecure_vlan_linkchange invoked: Vlan 1 00:55:55: PSECURE: Activating port-security feature 00:55:55: PSECURE: port_activate: status is 1 (Tiếp theo) 00:55:55: PSECURE: PSECURE: Deleting all dynamic addresses from h/w tables. 00:55:55: PSECURE: psecure_platform_delete_all_addrs: deleting all addresses on vlan 1 00:55:55: PSECURE: psecure_delete_address_not_ok address <1,00e0.4d01.2978> allowed 00:55:55: PSECURE: skipping Fa0/1 while searching <1,00e0.4d01.2978> 00:55:55: PSECURE: Adding entry to HA table from port-security sub block 00:55:55: PSECURE: psecure_platform_add_mac_addrs: Do nothing, called to add <1,00e0.4d01.2978> to FastEthernet0/1 00:55:57: %LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to up 00:55:58: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up - Dùng lệnh : Switch#show interface f0/1 FastEthernet0/1 is up, line protocol is up (connected) Hardware is Fast Ethernet, address is 000f.239d.c641 (bia 000f.239d.c641) MTU 1500 bytes, BW 100000 Kbit, DLY 1000 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) … IV. Cấu hình toàn bộ Cấu hình của switch: Current configuration : 1727 bytes ! version 12.1 no service pad service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Switch ! ! errdisable recovery cause udld errdisable recovery cause bpduguard errdisable recovery cause security-violation errdisable recovery cause channel-misconfig errdisable recovery cause pagp-flap errdisable recovery cause dtp-flap errdisable recovery cause link-flap errdisable recovery cause psecure-violation errdisable recovery cause gbic-invalid errdisable recovery cause dhcp-rate-limit errdisable recovery cause unicast-flood errdisable recovery cause vmps errdisable recovery cause loopback errdisable recovery interval 30 ip subnet-zero ! ! spanning-tree mode pvst no spanning-tree optimize bpdu transmission spanning-tree extend system-id ! ! ! ! interface FastEthernet0/1 switchport mode access switchport port-security switchport port-security mac-address 00e0.4d01.2978 ! interface FastEthernet0/2 ! interface FastEthernet0/3 ! interface FastEthernet0/4 ! interface FastEthernet0/5 ! interface FastEthernet0/6 ! interface FastEthernet0/7 ! interface FastEthernet0/8 ! interface FastEthernet0/9 ! interface FastEthernet0/10 ! interface FastEthernet0/11 ! interface FastEthernet0/12 ! interface FastEthernet0/13 ! interface FastEthernet0/14 ! interface FastEthernet0/15 ! interface FastEthernet0/16 ! interface FastEthernet0/17 ! interface FastEthernet0/18 ! interface FastEthernet0/19 ! interface FastEthernet0/20 ! interface FastEthernet0/21 ! interface FastEthernet0/22 ! interface FastEthernet0/23 ! interface FastEthernet0/24 ! interface Vlan1 no ip address no ip route-cache shutdown ! ! ip http server ! line con 0 line vty 0 4 login line vty 5 15 login ! ! end V. Đánh giá Đến đây bạn đã có một khái niệm cơ bản và thao tác cấu hình tương đối về port security. Bạn có thể thay đổi các thông số trong các câu lệnh để tìm hiểu rõ các đặc tính của chúng PPP over Ethernet Tác giả Lê Anh Đức Mô tả: Error! Ở topo trên, ta có, R3 sẽ làm PPPoE client, còn R1 sẽ làm PPPoE server, thực hiện kết nối với các mạng trong Internet với ISP làm router giả lập ISP. Router R2 là router ở chi nhánh, thực hiện NAT để cho mang private ra internet. Chú ý: Các router R3, R1 là các route 2600, chạy IOS version 12.2 trở lên. Cấu hình: R1 Building configuration * ! hostname R1 ! ! memory-size iomem 10 ip subnet-zero ! ! ! vpdn enable ßbật vpdn ! vpdn-group 1 ßtạo vpdn group để trao đổi với client accept-dialin ß xác định đây là PPPoE server protocol pppoe virtual-template 1 ! interface Loopback1 ip address 203.162.3.2 255.255.255.255 ! interface Ethernet0/0 no ip address half-duplex pppoe enable ! interface Serial0/0 ip address 203.20.20.2 255.255.255.252 no fair-queue ! interface Virtual-Template1 ip unnumbered Loopback1 ! ip classless ip route 0.0.0.0 0.0.0.0 203.20.20.1 ! end R2 Building configuration ! hostname R2 ! interface Ethernet0/0 ip address 10.10.2.1 255.255.255.0 ip nat inside half-duplex ! interface Serial0/0 ip address 203.30.30.2 255.255.255.252 ip nat outside no fair-queue ! ip nat inside source list 1 interface Serial0/0 overload ip classless ip route 0.0.0.0 0.0.0.0 203.30.30.1 ip http server ! ! access-list 1 permit 10.10.2.0 0.0.0.255 ! end R3 Building configuration ! hostname R3 ! . spanning-tree optimize bpdu transmission spanning-tree extend system-id ! ! ! ! interface FastEthernet0/1 switchport mode access switchport port-security switchport port-security mac-address. dhcp-rate-limit errdisable recovery cause unicast-flood errdisable recovery cause vmps errdisable recovery cause loopback errdisable recovery interval 30 ip subnet-zero ! ! spanning-tree. password-encryption ! hostname Switch ! ! errdisable recovery cause udld errdisable recovery cause bpduguard errdisable recovery cause security-violation errdisable recovery cause channel-misconfig