132
enabled, the Spanning Tree and Port Aggregation functions must be disabled, and the
port enabling MAC address binding must not be a Trunk port.
Example: Enable MAC address binding function for port 1and and lock the port. When a
port is locked, the MAC address learning function for the port will be disabled.
Switch(Config)#interface Ethernet 1/1
Switch(Config-Ethernet1/1)#port security
4.5.1.2.2.2 switchport port-security convert
Command: switchport port-security convert
Function: Convert dynamic secure MAC addresses learned by the port to static secure
MAC addresses, and disables the MAC address learning function for the port.
Command mode: Interface Mode
Usage Guide: The port dynamic MAC convert command can only be executed after the
secure port is locked. After this command is executed, the dynamic secure MAC
addresses learned by the port will be converted to static secure MAC addresses. The
command does not reserve configuration.
Example: Convert MAC addresses in port 1 to static secure MAC addresses.
Switch(Config)#interface Ethernet 1/1
Switch(Config-Ethernet1/1)#switchport port-security convert
4.5.1.2.2.3 switchport port-security timeout
Command: switchport port-security timeout <value>
no switchport port-security timeout
Function: Set the timer for port locking; the “no switchport port-security timeout”
command restores the default setting.
Parameter: < value> is the timeout value, the valid range is 0 to 300s.
Command mode: Interface Mode
Default: Port locking timer is not enabled by default.
Usage Guide: The port locking timer function is a dynamic MAC address locking function.
MAC address locking and conversion of dynamic MAC entries to secure address entries
will be performed on locking timer timeout. The MAC address binding function must be
enabled prior to running this command.
Example: Set port1 locking timer to 30 seconds.
Switch(Config)#interface Ethernet 1/1