FIGURE 49 – Viewing port security settings on a switch. On port 9, learning is enabled. This port
has 6 stations connected to it with the MAC addresses as shown. Other ports have
learning disabled and the MAC addresses are not configured on those ports ................................68
FIGURE 50 – Enabling learning on a port. Note – after the learning is enabled, the port security
can be queried to find the status of MAC addresses learnt. If there were machines
connected to this port, the MAC address would be shown on port 11 as they are shown on
port 9 .......................................................................................................................................68
FIGURE 51 – Allowing specific MAC address on specific ports. After the MAC address is
specified, the port or specific ports or a range of ports can be queried as shown.............................. 69
FIGURE 52 – Removing a MAC address from port security.................................................................. 69
FIGURE 53Setting the logging on a port ............................................................................................69
FIGURE 54Steps for setting up port security on a specific port ............................................................71
FIGURE 55Show log and clear log command. The show log command indicates the type of log
activity in the S column .............................................................................................................73
FIGURE 56Steps to allow deny or remove specific services................................................................... 75
FIGURE 57802.1x network components........................................................................................... 78
FIGURE 58802.1x authentication details .........................................................................................79
FIGURE 59 – securing the network using port access ..............................................................................84
FIGURE 60 Flow chart describing the interaction between local users and TACACS
authorization ............................................................................................................................88
FIGURE 61TACACS packet format............................................................................................... 89
FIGURE 62 – Configuring TACACS+............................................................................................... 91
FIGURE 63Enabling port mirroring .................................................................................................94
FIGURE 64Port setup....................................................................................................................... 95
FIGURE 65 Setting up back pressure and flow control on ports............................................................99
FIGURE 66Setting up broadcast storm protection. Also shows how the threshold can be lowered
for a specific port .....................................................................................................................101
FIGURE 67 – VLAN as two separate collision domains. The top part of the figure shows two
“traditional” Ethernet segments. Up to 32 VLANs can be defined per switch.........................103
FIGURE 68 – Ports can belong to multiple VLANs. In this figure a simplistic view is presented
where some ports belong to VLANs 1, 2 and other ports belong to VLANs 2,3. Ports
can belong to VLANs 1, 2 and 3. This is not shown in the figure. .........................................104
FIGURE 69 – routing between different VLANs is performed using a router or a Layer 3 switch
(L3-switch)............................................................................................................................. 105
FIGURE 70 – configuring VLANs on Magnum 6K switch................................................................ 108
FIGURE 71 – Example of setting up port based VLANs ..................................................................111
xiii