11.6.2 Lab - Switch Security Configuration

Поделиться
HTML-код
  • Опубликовано: 4 ноя 2024

Комментарии • 45

  • @damasta.md.99
    @damasta.md.99 3 года назад +3

    What a relief at step 5 point "e", as I did release the IP learned via DHCP on PC-B, but was never able to renew it after that, so thank you for clarifying the matter and also for the detailed answers for the Reflection Questions.

    • @romeroc24
      @romeroc24  3 года назад

      basically dhcp snooping will not permit a lot of dhcp requests

    • @stijnpaepe652
      @stijnpaepe652 2 года назад

      same here i redid the whole lab to find out you weren't supposed to do that step

  • @scottspa74
    @scottspa74 3 года назад +7

    Man, you put so much time into this, it's amazing. My CCNA instructor has ben teaching for almost 10 years, and you do a hell of a lot better job, and you also explain tips, like, don't activate a physical interface until after you config the sub-interfaces. Great work you do. I really hope you're being compensated, somehow.

    • @romeroc24
      @romeroc24  3 года назад +3

      Thank you very much , I appreciate all your support, you motivate me to continue doing this for long time

    • @hareesahmed2073
      @hareesahmed2073 2 года назад

      hi mate do u have the packet tracer lab for 11.6.2 i really need help

    • @scottspa74
      @scottspa74 2 года назад +1

      @@hareesahmed2073 yeah, I believe I do. Isn't it posted in the video description still? I have to get to my computer to share it. It'll take me a few.

    • @hareesahmed2073
      @hareesahmed2073 2 года назад

      @@scottspa74 thanks a lot I really appreciate that , and its not in the description. But yeah thanks a lot

    • @scottspa74
      @scottspa74 2 года назад

      @@hareesahmed2073 so, I can't find 11.6.2, except for a version I already completed, which I could share, and I guess you could erase and reload all machines. I do have 11.10.2 and 11.6.1 (which is almost same as 11.6.2 if I recall correctly - I think it was like, a practice for 11.6.2). Gonna take me about an hour for whichever file you want.

  • @adrianionascu4974
    @adrianionascu4974 10 месяцев назад +1

    "If the maximum number of mac addresses is exceeded OVULATION will occur". You are the best!!!

  • @MMMM-bp4wl
    @MMMM-bp4wl 3 года назад +2

    Thank you for your videos, you're the reason I'm able to pass my CCNA exam this semester!

    • @romeroc24
      @romeroc24  3 года назад +1

      I appreciate your comment, thank you very much

    • @hareesahmed2073
      @hareesahmed2073 2 года назад

      hi mate do you have the packet tracer lab for 11.6.2 i really need help

    • @MMMM-bp4wl
      @MMMM-bp4wl 2 года назад

      @@hareesahmed2073 unfortunately I don't have access to device I used for these labs but if I'll get my hand on it I'll let you know

    • @hareesahmed2073
      @hareesahmed2073 2 года назад

      @@MMMM-bp4wl thanks a lot i really appreciate your reply back. Hopefully speak soon 👍

  • @marcovera4329
    @marcovera4329 4 года назад +2

    Muchas gracias por tu gran aporte en este canal, me ayuda mucho seguir aprendiendo de networking y mas aun en esta nueva malla de ccna 200-301.

    • @romeroc24
      @romeroc24  4 года назад

      Aprecio tu comentario, gracias

  • @esculap12
    @esculap12 3 года назад +1

    Awesome stuff as usual, you are the best! Thank you!

    • @romeroc24
      @romeroc24  3 года назад

      I appreciate all your support, thank you thank you

  • @scottspa74
    @scottspa74 3 года назад +3

    So, for question 2, I only see 1 learned sticky address. In packet tracer, in simulation mode, when you click on a dhcp discover message dropped at switch 2, it shows "Device is not configured with a functional and trusted port. Device drops the packet". So isn't dhcp snooping the reason for the dropped packets from untrusted source/port ? That seems to be the reason packet tracer gives, and port-security maximum 2 hasn't been reached, as far as I see. Curious to hear feedback on this. Thanks

    • @romeroc24
      @romeroc24  3 года назад +1

      dhcp snooping will drop any unnecessary dhcp request, and if you want to test port security, disable dhcp snooping, thank you for your comment

  • @محمدسايحي-خ1ت
    @محمدسايحي-خ1ت 2 года назад +1

    very good christian
    you are the best

    • @romeroc24
      @romeroc24  2 года назад

      Thank you for all your support, I appreciate

  • @fdauti_ca
    @fdauti_ca 3 года назад +1

    You are wrong on this one. Point 5.e doesn't work because of the relay cmd missing on the Router. PT supports another relay command to fix that, google to find it. With that command, you don't need to disable dhcp snooping on S2 for DHCP to work on PC-B

    • @romeroc24
      @romeroc24  3 года назад

      Yes, but view the complete video please

  • @damasta.md.99
    @damasta.md.99 3 года назад +2

    Hi again Christian! I am still a bit misled, as I thought the issue with PC-B not being able to receive the IPs from DHCP is due to the dhcp snooping on S2, though while switching to "Simulation Mode", I saw that in fact the DHCP Discover gets past S2 straight to R1, where there's the following explanation at the final layer:
    1. The packet is a DHCP packet. The DHCP server processes it.
    2. The device receives a DHCP DISCOVER message that contains DHCP Option-82. The device is not configured to trust DHCP Relay Information. The device drops the packet.
    Thus, I went forward to configure S1's f0/5 as trusted, but the result is still the same. Therefore can you please explain if there's possible for the hosts to perform the request of IPs from the DHCP with the dhcp snooping active? Thank you in advance!

    • @romeroc24
      @romeroc24  3 года назад

      remove snooping in S2, then apply dhcp just like me in the video, trust port will work only in the port that points to DHCP server,

    • @damasta.md.99
      @damasta.md.99 3 года назад +1

      @@romeroc24 Thank you Christian!

  • @kersycosta1229
    @kersycosta1229 5 месяцев назад +1

    I have a question .
    I want to know why we only enabled the command "ip dhcp snooping" in sw2 and not in sw1 ?

    • @romeroc24
      @romeroc24  2 месяца назад +1

      this is only an example, but you can do it also on SW1 for better security

    • @kersycosta1229
      @kersycosta1229 Месяц назад +1

      @@romeroc24 thanks bro

  • @sadko_guslyar
    @sadko_guslyar Год назад +1

    Well, what's the answer to question 2 if you're doing this lab not on PT but live?

    • @romeroc24
      @romeroc24  Год назад

      It is the same answer for PT and Real Lab

  • @leokanettecailing4054
    @leokanettecailing4054 11 месяцев назад +1

    Do you still have the finished packet tracer file for this lab activity? can we have it?

    • @romeroc24
      @romeroc24  11 месяцев назад

      PLease if you can complete all steps following the video

  • @alialsagaf1291
    @alialsagaf1291 2 года назад +1

    Can I download the folder