Scribd Logo
Upload

Welcome to Scribd!

  • Configuring Port Security

    Uploaded by

    Ariel Alvarez
    9 views2 pages
    This document provides instructions for configuring port security on a switch. It describes how to set the maximum number of secure MAC addresses allowed on a port and how to manually or dynamically add secure MAC addresses to the address table. It also provides commands for displaying port security settings and the secure MAC address table.

    Original Description:

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    This document provides instructions for configuring port security on a switch. It describes how to set the maximum number of secure MAC addresses allowed on a port and how to manually or dynamically add secure MAC addresses to the address table. It also provides commands for displaying port security settings and the secure MAC address table.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as docx, pdf, or txt
    9 views2 pages

    Configuring Port Security

    Uploaded by

    Ariel Alvarez
    This document provides instructions for configuring port security on a switch. It describes how to set the maximum number of secure MAC addresses allowed on a port and how to manually or dynamically add secure MAC addresses to the address table. It also provides commands for displaying port security settings and the secure MAC address table.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as docx, pdf, or txt
    of 2

    Configuring Port Security

    SwitchX(config-if)#switchport port-security [ mac-address mac-address | mac-address sticky [mac-address] | maximum value | violation {restrict | shutdown}] SwitchX(config)#interface fa0/5 SwitchX(config-if)#switchport mode access SwitchX(config-if)#switchport port-security SwitchX(config-if)#switchport port-security maximum 1 SwitchX(config-if)#switchport port-security mac-address sticky SwitchX(config-if)#switchport port-security violation shutdown
    You can add secure addresses to the address table after you set the maximum number of secure MAC addresses allowed on a port in these ways: Manually configure all of the addresses (switchport port-security mac-address 0008.eeee.eeee). Allow the port to dynamically configure all of the addresses (switchport port-security mac-address sticky). You can configure an interface to convert the dynamic MAC addresses to sticky secure MAC addresses and to add them to the running configuration by enabling sticky learning. To enable sticky learning, enter the switchport port-security mac-address sticky interface configuration command. When you enter this command, the interface converts all the dynamic secure MAC addresses, including those that were dynamically learned before sticky learning was enabled, to sticky secure MAC addresses.

    SwitchX#show port-security [interface interface-id] [address] [ | {begin | exclude | include} expression] SwitchX#show port-security interface fastethernet 0/5 Port Security : Enabled Port Status : Secure-up Violation Mode : Shutdown Aging Time : 20 mins Aging Type : Absolute SecureStatic Address Aging : Disabled Maximum MAC Addresses : 1 Total MAC Addresses : 1 Configured MAC Addresses : 0 Sticky MAC Addresses : 0 Last Source Address : 0000.0000.0000 Security Violation Count : 0

    SwitchX#sh port-security address Secure Mac Address Table ------------------------------------------------------------------Vlan Mac Address Type Ports Remaining Age (mins) ---- ----------- ---- ----- ------------1 0008.dddd.eeee SecureConfigured Fa0/5 ------------------------------------------------------------------Total Addresses in System (excluding one mac per port) : 0 Max Addresses limit in System (excluding one mac per port) : 1024 SwitchX#sh port-security Secure Port MaxSecureAddr CurrentAddr SecurityViolation Security Action (Count) (Count) (Count) -------------------------------------------------------------------------Fa0/5 1 1 0 Shutdown --------------------------------------------------------------------------Total Addresses in System (excluding one mac per port) : 0 Max Addresses limit in System (excluding one mac per port) : 1024
    Use the show port-security address command to display the secure MAC addresses for all ports. Use the show port-security command without keywords to display the port security settings for the switch.

    You might also like