Filter
Top Products
Ethernet Switch CLI Reference Guide
179
CHAPTER 47
Port Security Commands
Use these commands to allow only packets with dynamically learned MAC addresses and/or
configured static MAC addresses to pass through a port on the Switch. For maximum port
security, enable port security, disable MAC address learning and configure static MAC
address(es) for a port.
" It is not recommended you disable both port security and MAC address
learning because this will result in many broadcasts.
47.1 Command Summary
The following section lists the commands for this feature.
Table 102 port-security Command Summary
COMMAND DESCRIPTION M P
show port-security Displays all port security settings. E 3
show port-security <port-list> Displays port security settings on the specified port(s). E 3
port-security Enables port security on the Switch. C 13
no port-security Disables port security on the device. C 13
port-security <port-list> Enables port security on the specified port(s). C 13
no port-security <port-list> Disables port security on the specified port(s). C 13
port-security <port-list> learn
inactive
Disables MAC address learning on the specified port(s). C 13
no port-security <port-list>
learn inactive
Enables MAC address learning on the specified ports. C 13
port-security <port-list>
address-limit <number>
Limits the number of (dynamic) MAC addresses that may be
learned on the specified port(s).
C13
port-security <port-list> MAC-
freeze
Stops MAC address learning and enables port security on the
port(s).
Note: All previously-learned dynamic MAC
addresses are saved to the static MAC
address table.
C13
port-security <port-listt> vlan
<vlan-id> address-limit <number>
Limits the number of (dynamic) MAC addresses that may be
learned on the specified port(s) in a specified VLAN.
C13