Switchport Security Lab

Cisco CCNP Switch (300-115): The Complete Course Introduction to securing a Switch
5 minutes
Welcome back, everybody. Switchport security, nothing new again. But let's get it done anyway. Now, we have a PC right here; the IP address is 192.168.1.1, and this one is 1.2. So let's see if we can ping each other: ping 192.168.1.2. And we sure can. All right, but we want to add some port security on here. Okay, so we're gonna go to the switch, to the CLI. Why am I gonna worry about naming it or doing anything else? But I am going to go over the world part will be my one here.

So we're going to go into interface range f0/1-15 (slash or dash, whatever: slash one, dash 15), my very number. We're going to do switchport mode access first, because if not, you're going to get an error: this is dynamic auto. Then switchport port-security; that turns it on. All right, we'll do MAC sticky. Now, you could put in manual MAC addresses, but don't do it. Don't do it, because that's a lot of work. So MAC sticky learns it dynamically but adds it statically, so you're by Oregon, and we'll do a maximum of one. How many do you want to allow? Just one, because I'm a ruthless IT administrator: only one MAC address.

Okay, that's the maximum number. All right, then we're all bear again and we're into violation, and what I said, we want to shut down the port. It is a violation to that, and that is it. That is it. So we're going to do a show. It is show port-security, and you can see all these 15 ports. One MAC address is, or can be, known.

The current: zero. Are there any violations? No. And what action, if there is? We're going to shut it down. So let's see what happens. Let's go here.

Let's go ahead and let's ping again. All righty, we've pinged there. So let's go back to our port-security command here. That's all power. This allows me to believe. And then we see we have two ports where it learned one address, one address.

Okay, so what happens if we got a sneaky individual? Right, let's unplug this guy right here. Let's just set him to one side. And he brought his laptop from home, you know, bring your own computer, whatever it be wirelessly. Bring your computer, bring your own desktop, whatever it's called, which I disagree on, wholeheartedly. All right.

Now put him in there. We're going to give them the same IP address because we're slick. You know, we're slick like that. Because we knew our IP address. We shouldn't do the same. Nobody knows.

All right. So now what's going to happen? Let's fast forward in time. Hey, it looks green. So we can do anything we want. Let's see.

Let's see. And we're going to go ahead and we're going to ping, ping 192.168.1.2, and boom, look at that. That's gone red. Oh my God, what happened? What happened there? We see it said line protocol on interface f0/1 changed state to down. Let's take a look at our port security. It said, hey, there's been one violation.

Eyes, we're going to shut down that port. What does that really mean? Show interface f0/1. And that means that it's err-disabled. So you're gonna fly, obviously; somebody's gonna call you, you're gonna get some sort of message to let you know something's going on. And we say, listen, man, you can't use your computer here, okay?

You've got to use a computer that we allow, that we allow. Okay, so let's plug it back in. It already has its IP address, but the port is still down; the port still shows as down, so we need to go inside that port. All right, we will configure it: interface f0/1. We do shut, no shut, and it turns it back up. We do a show interface f0/1, and that shows that the port is up.

So we should be green. Why not fast forward in time, and we are green. So now we can go ahead and ping every one or two. And we got that going on. So that's what port security does for us. And just to look at the MAC address table, to show you what sticky is doing: show mac address-table, and you see that it shows that it's static. Even though it learned it dynamically, it shows as static, as far as you get the violation. So that is port security.

See you in the next
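
One way to check that access ports carry the settings configured in this lab (port security on, a maximum of one MAC address, shutdown on violation, sticky learning), as an added Python example that is not part of the course material. The config excerpt is constructed, and `audit_port_security` and `max_allowed` are hypothetical names.

```python
import re
PS = "switchport port-security"
# Constructed running-config excerpt (sample data, not output from the lab).
# IOS omits defaults, so Fa0/1 has no "maximum 1" or "violation shutdown" line.
SAMPLE_CONFIG = """\
interface FastEthernet0/1
 switchport mode access
 switchport port-security
 switchport port-security mac-address sticky
!
interface FastEthernet0/2
 switchport mode access
 switchport port-security
 switchport port-security maximum 4
 switchport port-security violation restrict
!
interface FastEthernet0/3
 switchport mode access
!
interface FastEthernet0/16
 switchport mode trunk
!
"""

def audit_port_security(config, max_allowed=1):
    """Return {interface: [issues]} for access ports that deviate from the lab policy."""
    report = {}
    for m in re.finditer(r"^interface (\S+)\n((?:[ \t]+.*\n)*)", config, re.M):
        name, lines = m.group(1), [l.strip() for l in m.group(2).splitlines()]
        if "switchport mode access" not in lines:
            continue  # only access ports are in scope for this check
        if PS not in lines:
            report[name] = ["port-security not enabled"]
            continue
        body = "\n".join(lines)
        mx = re.search(rf"^{PS} maximum (\d+)$", body, re.M)
        vio = re.search(rf"^{PS} violation (\w+)$", body, re.M)
        maximum = int(mx.group(1)) if mx else 1        # IOS default: 1
        action = vio.group(1) if vio else "shutdown"   # IOS default: shutdown
        issues = [msg for bad, msg in (
            (maximum > max_allowed, f"maximum {maximum} exceeds {max_allowed}"),
            (action != "shutdown", f"violation action is {action}, not shutdown"),
            (f"{PS} mac-address sticky" not in lines, "sticky learning not enabled"),
        ) if bad]
        if issues:
            report[name] = issues
    return report
```

Calling `audit_port_security(SAMPLE_CONFIG)` flags Fa0/2 and Fa0/3 and passes Fa0/1, whose maximum and violation action are the unlisted defaults.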

