Filter
Top Products
164 Security Commands
port-security
Implementation Notes
• If port security is enabled on a port, and then an ACL is applied to the port, the ACL is
given precedence and port security is ignored. For example, if port security is applied,
and then an ACL with a permit rule for a particular source address is applied, frames with
that source address will be permitted.
• Logically, then, if a port that does not have port security enabled has an ACL applied, and
then port security is enabled, the ACL takes precedence and port security is ignored, as
above.
• In either case, if all ACLs are removed from the port, port security will become active if it
is still configured as such.
• When port security is disabled on a port after having been enabled, all MAC table entries
associated with that port are flushed.
port-security
This command enables port locking at the system level (Global Config) or port level
(Interface Config).
The
no version of this command disables port locking at the system level (Global Config) or
port level (Interface Config).
Syntax
[no] port-security
Default
Disabled
Modes
Global Config and Interface Config; Interface Range, which is indicated by the
(conf-if-range-interface)# prompt, such as (conf-if-range-vlan 10-20)#.
Command
History
port-security max-dynamic
This command sets the maximum of dynamically locked MAC addresses allowed on a
specific port.
The
no version of this command resets the maximum of dynamically locked MAC addresses
allowed on a specific port to its default value.
Version 2.3 Added Interface VLAN and Interface Range modes.
Related
Commands
interface Identifies an interface and enters the Interface Config mode.
interface range Defines an interface range and accesses the Interface Range mode