Cisco CCNA Certification Exam Tutorial: Port-Based Authentication

By: Chris Bryant
Submitted: 2007-01-17 15:44:38

To pass your CCNA exam and earn this coveted certification, you must understand the details of port-based authentication. This knowledge has a great deal of value in production networks as well, since this authentication scheme is regularly implemented. Let's take a look at this particular CCNA skill.

Consider a situation where you have a server that will be connected to your switch, and you want the port to shut down if a device with a different MAC address than that of the server attempts to connect to that port. You could also have a situation where someone has a connection to a switch port in his office, and he wants to make sure that only his laptop can use that port.

Both of these examples are real-world situations, and there are two solutions for each. First, we could create a static MAC entry for that particular switch port. I don't recommend this, mainly because both you and I have better things to do than manage static MAC entries. The better solution is to configure port-based authentication on the switch.

The Cisco switch uses MAC addresses to enforce port security. With port security, only devices with certain MAC addresses can connect to the port successfully. This is another reason source MACs are looked at before the destination MAC is examined. If the source MAC is non-secure and port-based authentication is in effect, the destination does not matter, as the frame will not be forwarded. In essence, the source MAC address serves as the password.

MAC addresses that are allowed to successfully communicate with the switch port are secure MAC addresses. The default number of secure MAC addresses is 1, but a maximum of 132 secure MACs can be configured.

When a non-secure MAC address attempts to communicate with the switch port, one of three actions will occur, depending on the port security mode. In Protect mode, frames with non-secure MAC addresses are dropped. There is no notification that a violation has occurred. The port will continue to switch frames for the secure MAC address.

In Restrict mode, the same action is taken, but a syslog message is logged via SNMP, which is a messaging protocol used by Cisco routers.

In Shutdown mode, the interface goes into error-disabled state, the port LED will go out, and a syslog message is logged. The port has to be manually reopened. Shutdown mode is the default port-security mode.
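The settings described above, shown as Cisco IOS commands for the single-laptop scenario. This is an added example, not part of the original article; the interface name FastEthernet0/1 is an assumption.

```cisco
! Added example. FastEthernet0/1 is an assumed interface name.
configure terminal
interface FastEthernet0/1
 ! Port security is rejected on a dynamic port, so make it an access port
 switchport mode access
 ! Turn the feature on; the lines below do nothing without it
 switchport port-security
 ! One secure MAC address (the default): the first source MAC learned
 switchport port-security maximum 1
 ! Choose one mode: protect | restrict | shutdown (shutdown is the default)
 switchport port-security violation shutdown
 end
!
! Confirm the mode, the secure MAC count and the violation counter
show port-security interface FastEthernet0/1
show port-security address
!
! After a violation in shutdown mode the port shows as err-disabled
show interfaces FastEthernet0/1 status
!
! Manually reopen the port once the offending device has been removed
configure terminal
interface FastEthernet0/1
 shutdown
 no shutdown
 end
```

To compare the modes, replace `shutdown` in the violation line with `protect` or `restrict` and watch the violation counter in `show port-security interface`.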

Port-based authentication is just one of the many switching skills you'll have to demonstrate to earn your CCNA certification. Make sure you know the basics shown here, including the action of each particular mode, and you're on your way to CCNA exam success!

Chris Bryant, CCIE #12933, is the owner of The Bryant Advantage, home of free CCNA and CCNP tutorials, The Ultimate CCNA Study Package, and Ultimate CCNP Study Packages.

You can also join his RSS feed and visit his blog, which is updated several times daily with new Cisco certification articles, free tutorials, and daily CCNA / CCNP exam questions! Details are on the website.

For a FREE copy of his latest e-books, “How To Pass The CCNA” and “How To Pass The CCNP”, visit the website and download your free copies. You can also get FREE CCNA and CCNP exam questions every day! Get your CCNA study guide from The Bryant Advantage!

Article source: Expert Articles
