Kings,
Your first query - If you don't have the keyword sticky the switch looses the config after a reboot. Johan From: [email protected] [mailto:[email protected]] On Behalf Of Kingsley Charles Sent: 05 June 2010 04:15 PM To: [email protected] Subject: [OSL | CCIE_Security] switch port security Hi all I have couple of queries in the config given below taken from cciedoc Query 1 What is the difference between the following two commands: switchport port-security mac-address sticky 0000.0000.0002 switchport port-security mac-address 0000.0000.0003 Does the sticky keyword disable aging for the secure mac address? Query 2 switchport port-security mac-address sticky 0000.0000.0001 vlan acess => puts the secure mac address in access vlan switchport port-security mac-address sticky 0000.0000.0001 vlan voice => pits the secure mac addres in voice vlan Now, if I don't specify either access or voice vlan, to which vlan with 0000.0000.0003 put into? switchport port-security mac-address 0000.0000.0003 http://www.cisco.com/en/US/docs/switches/lan/catalyst3560/software/release/1 2.2_44_se/configuration/guide/swtrafc.html Switch(config)# interface FastEthernet0/1 Switch(config-if)# switchport access vlan 21 Switch(config-if)# switchport mode access Switch(config-if)# switchport voice vlan 22 Switch(config-if)# switchport port-security Switch(config-if)# switchport port-security maximum 20 Switch(config-if)# switchport port-security violation restrict Switch(config-if)# switchport port-security mac-address sticky Switch(config-if)# switchport port-security mac-address sticky 0000.0000.0002 Switch(config-if)# switchport port-security mac-address 0000.0000.0003 Switch(config-if)# switchport port-security mac-address sticky 0000.0000.0001 vlan voice Switch(config-if)# switchport port-security mac-address 0000.0000.0004 vlan voice Switch(config-if)# switchport port-security maximum 10 vlan access Switch(config-if)# switchport port-security maximum 10 vlan voice With regards Kings
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
