11.6.2 Lab - Switch Security Configuration

Поділитися
Вставка
  • Опубліковано 21 гру 2024

КОМЕНТАРІ • 45

  • @adrianionascu4974
    @adrianionascu4974 Рік тому +1

    "If the maximum number of mac addresses is exceeded OVULATION will occur". You are the best!!!

  • @damasta.md.99
    @damasta.md.99 3 роки тому +3

    What a relief at step 5 point "e", as I did release the IP learned via DHCP on PC-B, but was never able to renew it after that, so thank you for clarifying the matter and also for the detailed answers for the Reflection Questions.

    • @romeroc24
      @romeroc24  3 роки тому

      basically dhcp snooping will not permit a lot of dhcp requests

    • @stijnpaepe652
      @stijnpaepe652 2 роки тому

      same here i redid the whole lab to find out you weren't supposed to do that step

  • @scottspa74
    @scottspa74 3 роки тому +7

    Man, you put so much time into this, it's amazing. My CCNA instructor has ben teaching for almost 10 years, and you do a hell of a lot better job, and you also explain tips, like, don't activate a physical interface until after you config the sub-interfaces. Great work you do. I really hope you're being compensated, somehow.

    • @romeroc24
      @romeroc24  3 роки тому +3

      Thank you very much , I appreciate all your support, you motivate me to continue doing this for long time

    • @hareesahmed2073
      @hareesahmed2073 2 роки тому

      hi mate do u have the packet tracer lab for 11.6.2 i really need help

    • @scottspa74
      @scottspa74 2 роки тому +1

      @@hareesahmed2073 yeah, I believe I do. Isn't it posted in the video description still? I have to get to my computer to share it. It'll take me a few.

    • @hareesahmed2073
      @hareesahmed2073 2 роки тому

      @@scottspa74 thanks a lot I really appreciate that , and its not in the description. But yeah thanks a lot

    • @scottspa74
      @scottspa74 2 роки тому

      @@hareesahmed2073 so, I can't find 11.6.2, except for a version I already completed, which I could share, and I guess you could erase and reload all machines. I do have 11.10.2 and 11.6.1 (which is almost same as 11.6.2 if I recall correctly - I think it was like, a practice for 11.6.2). Gonna take me about an hour for whichever file you want.

  • @scottspa74
    @scottspa74 3 роки тому +3

    So, for question 2, I only see 1 learned sticky address. In packet tracer, in simulation mode, when you click on a dhcp discover message dropped at switch 2, it shows "Device is not configured with a functional and trusted port. Device drops the packet". So isn't dhcp snooping the reason for the dropped packets from untrusted source/port ? That seems to be the reason packet tracer gives, and port-security maximum 2 hasn't been reached, as far as I see. Curious to hear feedback on this. Thanks

    • @romeroc24
      @romeroc24  3 роки тому +1

      dhcp snooping will drop any unnecessary dhcp request, and if you want to test port security, disable dhcp snooping, thank you for your comment

  • @MMMM-bp4wl
    @MMMM-bp4wl 3 роки тому +2

    Thank you for your videos, you're the reason I'm able to pass my CCNA exam this semester!

    • @romeroc24
      @romeroc24  3 роки тому +1

      I appreciate your comment, thank you very much

    • @hareesahmed2073
      @hareesahmed2073 2 роки тому

      hi mate do you have the packet tracer lab for 11.6.2 i really need help

    • @MMMM-bp4wl
      @MMMM-bp4wl 2 роки тому

      @@hareesahmed2073 unfortunately I don't have access to device I used for these labs but if I'll get my hand on it I'll let you know

    • @hareesahmed2073
      @hareesahmed2073 2 роки тому

      @@MMMM-bp4wl thanks a lot i really appreciate your reply back. Hopefully speak soon 👍

  • @marcovera4329
    @marcovera4329 4 роки тому +2

    Muchas gracias por tu gran aporte en este canal, me ayuda mucho seguir aprendiendo de networking y mas aun en esta nueva malla de ccna 200-301.

    • @romeroc24
      @romeroc24  4 роки тому

      Aprecio tu comentario, gracias

  • @damasta.md.99
    @damasta.md.99 3 роки тому +2

    Hi again Christian! I am still a bit misled, as I thought the issue with PC-B not being able to receive the IPs from DHCP is due to the dhcp snooping on S2, though while switching to "Simulation Mode", I saw that in fact the DHCP Discover gets past S2 straight to R1, where there's the following explanation at the final layer:
    1. The packet is a DHCP packet. The DHCP server processes it.
    2. The device receives a DHCP DISCOVER message that contains DHCP Option-82. The device is not configured to trust DHCP Relay Information. The device drops the packet.
    Thus, I went forward to configure S1's f0/5 as trusted, but the result is still the same. Therefore can you please explain if there's possible for the hosts to perform the request of IPs from the DHCP with the dhcp snooping active? Thank you in advance!

    • @romeroc24
      @romeroc24  3 роки тому

      remove snooping in S2, then apply dhcp just like me in the video, trust port will work only in the port that points to DHCP server,

    • @damasta.md.99
      @damasta.md.99 3 роки тому +1

      @@romeroc24 Thank you Christian!

  • @kersycosta1229
    @kersycosta1229 6 місяців тому +1

    I have a question .
    I want to know why we only enabled the command "ip dhcp snooping" in sw2 and not in sw1 ?

    • @romeroc24
      @romeroc24  3 місяці тому +1

      this is only an example, but you can do it also on SW1 for better security

    • @kersycosta1229
      @kersycosta1229 2 місяці тому +1

      @@romeroc24 thanks bro

  • @esculap12
    @esculap12 3 роки тому +1

    Awesome stuff as usual, you are the best! Thank you!

    • @romeroc24
      @romeroc24  3 роки тому

      I appreciate all your support, thank you thank you

  • @sadko_guslyar
    @sadko_guslyar Рік тому +1

    Well, what's the answer to question 2 if you're doing this lab not on PT but live?

    • @romeroc24
      @romeroc24  Рік тому

      It is the same answer for PT and Real Lab

  • @leokanettecailing4054
    @leokanettecailing4054 Рік тому +1

    Do you still have the finished packet tracer file for this lab activity? can we have it?

    • @romeroc24
      @romeroc24  Рік тому

      PLease if you can complete all steps following the video

  • @fdauti_ca
    @fdauti_ca 3 роки тому +1

    You are wrong on this one. Point 5.e doesn't work because of the relay cmd missing on the Router. PT supports another relay command to fix that, google to find it. With that command, you don't need to disable dhcp snooping on S2 for DHCP to work on PC-B

    • @romeroc24
      @romeroc24  3 роки тому

      Yes, but view the complete video please

  • @محمدسايحي-خ1ت
    @محمدسايحي-خ1ت 2 роки тому +1

    very good christian
    you are the best

    • @romeroc24
      @romeroc24  2 роки тому

      Thank you for all your support, I appreciate

  • @alialsagaf1291
    @alialsagaf1291 3 роки тому +1

    Can I download the folder