Filter
Top Products
A
UTHENTICATION
C
OMMANDS
4-101
Port Security Commands
These commands can be used to disable the learning function or manually
specify secure addresses for a port. You may want to leave port security off
for an initial training period (i.e., enable the learning function) to register
all the current VLAN members on the selected port, and then enable port
security to ensure that the port will drop any incoming frames with a
source MAC address that is unknown or has been previously learned from
another port.
port security
This command enables or configures port security. Use the no form
without any keywords to disable port security. Use the no form with the
appropriate keyword to restore the default settings for a response to
security violation or for the maximum number of allowed addresses.
Syntax
port security [action {shutdown | trap | trap-and-shutdown}
| max-mac-count address-count]
no port security [action | max-mac-count]
• action - Response to take when port security is violated.
- shutdown - Disable port only.
- trap - Issue SNMP trap message only.
- trap-and-shutdown - Issue SNMP trap message and disable
port.
• max-mac-count
- address-count - The maximum number of MAC addresses that can
be learned on a port. (Range: 0 - 20)
Command Function Mod
e
Page
port security Configures a secure port IC 3-101
mac-address-table static Maps a static address to a port in a VLAN GC 3-34
show mac-address-table Displays entries in the bridge-forwarding
database
PE 3-35