Above is a visual of Private VLANs and how they can communicate with each other, however this is going to be a lot of Switch security, so lets get to it. Port Security troubleshooting Some common issues that can cause Port Security not to work: Port Security is configured but not enabled - This is … Continue reading TSHOOT – Port Security, DHCP Snooping, IP Source Guard, DAI, Protected Ports, Private VLANs, and VACL Troubleshooting!
IP Source Guard is similar to Dynamic ARP Inspection in the way that it maps IP Addresses to certain criteria that must match or packets will be dropped, however this is configured solely on the interfaces and ties the IP Address of the device off that interface to its ip source verify table. You can … Continue reading Quick IP Source Guard Review, and how it differs from DAI (slightly) for exam day!
I'm just going to re-use the Topology we had going from the Dynamic ARP Inspection, as IP Source Guard uses DHCP Snooping as well as the mechanism that allows it to work, though Static Bindings can be configured (Which is why Host B now has a Static IP). IP Source Guard nor VLAN Hopping are … Continue reading IP Source Guard / VLAN Hopping / Switch Spoofing – Fundamentals, configuration, verification, and all concepts explained!