USD ($)
$
United States Dollar
India Rupee

Client 1 is unable to ping Client 2 as well as DSW1

Lesson 7/18 | Study Time: 60 Min
Client 1 is unable to ping Client 2 as well as DSW1

Ticket 7 – Port Security 

Client 1 is getting a 169.x.x.x IP address & is unable to ping Client 2 as well as DSW1. The command ‘sh interfaces e0/0′ will show the following message in the first line 

‘Ethernet0/0 is down, line protocol is down (err-disabled)’ 

On ASW1 port-security mac 0000.0000.0001, interface in err-disable state 

Initial Configuration

ASW1#show running-config 

Building configuration...


Current configuration : 1837 bytes

!

! Last configuration change at 18:31:29 IST Thu Oct 25 2018

!

version 15.2

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

service compress-config

!

hostname ASW1

!

boot-start-marker

boot-end-marker

!

!

!

no aaa new-model

clock timezone IST 5 30

!

!

!

!         

!

no ip routing

!

!

!

no ip cef

no ipv6 cef

!

!

!

spanning-tree mode rapid-pvst

spanning-tree extend system-id

!

vlan internal allocation policy ascending

!

!

!

!

!

!

!

!         

!

!

!

!

!

interface Port-channel1

 switchport trunk encapsulation dot1q

 switchport mode trunk

!

interface Port-channel3

 switchport trunk encapsulation dot1q

 switchport mode trunk

!

interface Ethernet0/0

 switchport access vlan 10

 switchport mode access

 switchport port-security mac-address 0000.0000.0001

 switchport port-security

!

interface Ethernet0/1

 switchport access vlan 10

 switchport mode access

!         

interface Ethernet0/2

 switchport access vlan 10

 switchport mode access

!

interface Ethernet0/3

 switchport access vlan 10

 switchport mode access

!

interface Ethernet1/0

 switchport trunk encapsulation dot1q

 switchport mode trunk

 channel-group 3 mode passive

!

interface Ethernet1/1

 switchport trunk encapsulation dot1q

 switchport mode trunk

 channel-group 3 mode passive

!

interface Ethernet1/2

 switchport trunk encapsulation dot1q

 switchport mode trunk

 channel-group 1 mode passive

!         

interface Ethernet1/3

 switchport trunk encapsulation dot1q

 switchport mode trunk

 channel-group 1 mode passive

!

interface Vlan200

 ip address 192.168.1.131 255.255.255.224

 no ip route-cache

!

ip default-gateway 192.168.1.129

ip forward-protocol nd

!

no ip http server

no ip http secure-server

!

!

!

!

!

!

control-plane

!

!         

line con 0

 exec-timeout 0 0

 logging synchronous

line aux 0

line vty 0 4

 privilege level 15

 no login

!

!

end


ASW1#

Configuration of ASW1 

interface ethernet0/0 

 switchport access vlan 10 

 switchport mode access 

 switchport port-security  


 switchport port-security maximum 1 


 switchport port-security violation shutdown  

 switchport port-security mac-address 0000.0000.0001 

Answer: on ASW1 delete port-security & do on interfaces shutdown, no shutdown 

Ans1) ASW1 

Ans2) Port security 

Ans3) In Configuration mode, using the interface range e0/0 – 1, then no switchport port-security, followed by shutdown, no shutdown interface configuration commands. 

Solution

ASW1#show running-config 

Building configuration...


Current configuration : 1758 bytes

!

! Last configuration change at 18:33:47 IST Thu Oct 25 2018

!

version 15.2

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

service compress-config

!

hostname ASW1

!

boot-start-marker

boot-end-marker

!

!

!

no aaa new-model

clock timezone IST 5 30

!

!

!

!         

!

no ip routing

!

!

!

no ip cef

no ipv6 cef

!

!

!

spanning-tree mode rapid-pvst

spanning-tree extend system-id

!

vlan internal allocation policy ascending

!

!

!

!

!

!

!

!         

!

!

!

!

!

interface Port-channel1

 switchport trunk encapsulation dot1q

 switchport mode trunk

!

interface Port-channel3

 switchport trunk encapsulation dot1q

 switchport mode trunk

!

interface Ethernet0/0

 switchport access vlan 10

 switchport mode access

!

interface Ethernet0/1

 switchport access vlan 10

 switchport mode access

!

interface Ethernet0/2

 switchport access vlan 10

 switchport mode access

!

interface Ethernet0/3

 switchport access vlan 10

 switchport mode access

!

interface Ethernet1/0

 switchport trunk encapsulation dot1q

 switchport mode trunk

 channel-group 3 mode passive

!

interface Ethernet1/1

 switchport trunk encapsulation dot1q

 switchport mode trunk

 channel-group 3 mode passive

!

interface Ethernet1/2

 switchport trunk encapsulation dot1q

 switchport mode trunk

 channel-group 1 mode passive

!

interface Ethernet1/3

 switchport trunk encapsulation dot1q

 switchport mode trunk

 channel-group 1 mode passive

!

interface Vlan200

 ip address 192.168.1.131 255.255.255.224

 no ip route-cache

!

ip default-gateway 192.168.1.129

ip forward-protocol nd

!

no ip http server

no ip http secure-server

!

!

!

!

!

!

control-plane

!

!

line con 0

 exec-timeout 0 0

 logging synchronous

line aux 0

line vty 0 4

 privilege level 15

 no login

!

!

end


ASW1#