•
Configured the VLAN
employee-vlan
on the switch. See “Example: Setting Up Bridging
with Multiple VLANs for EX Series Switches” on page 1312.
Overview and Topology
Ethernet LANs are vulnerable to address spoofing and DoS attacks on network devices.
This example describes how to protect the switch from an attack on the DHCP snooping
database that alters the MAC addresses assigned to some clients.
This example shows how to configure port security features on an EX3200-24P switch
that is connected to a DHCP server.
The setup for this example includes the VLAN
employee-vlan
on the switch. The procedure
for creating that VLAN is described in the topic “Example: Setting Up Bridging with Multiple
VLANs for EX Series Switches” on page 1312. That procedure is not repeated here. Figure
73 on page 2871 illustrates the topology for this example.
Figure 73: Network Topology for Basic Port Security
The components of the topology for this example are shown in Table 370 on page 2871.
Table 370: Components of the Port Security Topology
Settings
Properties
One EX3200-24P, 24 ports (8 PoE ports)
Switch hardware
employee-vlan
, tag
20
VLAN name and ID
192.0.2.16/28
192.0.2.17
through
192.0.2.30
192.0.2.31
is subnet's broadcast address
VLAN subnets
2871
Copyright © 2010, Juniper Networks, Inc.
Chapter 94: Examples: Port Security Configuration
Summary of Contents for JUNOS OS 10.3 - SOFTWARE
Page 325: ...CHAPTER 17 Operational Mode Commands for System Setup 229 Copyright 2010 Juniper Networks Inc ...
Page 1323: ...CHAPTER 56 Operational Mode Commands for Interfaces 1227 Copyright 2010 Juniper Networks Inc ...
Page 2841: ...CHAPTER 86 Operational Commands for 802 1X 2745 Copyright 2010 Juniper Networks Inc ...
Page 3367: ...CHAPTER 113 Operational Mode Commands for CoS 3271 Copyright 2010 Juniper Networks Inc ...
Page 3435: ...CHAPTER 120 Operational Mode Commands for PoE 3339 Copyright 2010 Juniper Networks Inc ...
Page 3529: ...CHAPTER 126 Operational Mode Commands for MPLS 3433 Copyright 2010 Juniper Networks Inc ...