Scribd
Upload
28 views2 pages

Configuring Port Security

This document provides instructions for configuring port security on a switch. It describes how to set the maximum number of secure MAC addresses allowed on a port and how to manually or dynamically add secure MAC addresses to the address table. It also provides commands for displaying port security settings and the secure MAC address table.

Uploaded by

Ariel Alvarez
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
28 views2 pages

Configuring Port Security

This document provides instructions for configuring port security on a switch. It describes how to set the maximum number of secure MAC addresses allowed on a port and how to manually or dynamically add secure MAC addresses to the address table. It also provides commands for displaying port security settings and the secure MAC address table.

Uploaded by

Ariel Alvarez
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 2

Configuring Port Security

SwitchX(config-if)#switchport port-security [ mac-address mac-address | mac-address sticky [mac-address] | maximum value | violation {restrict | shutdown}] SwitchX(config)#interface fa0/5 SwitchX(config-if)#switchport mode access SwitchX(config-if)#switchport port-security SwitchX(config-if)#switchport port-security maximum 1 SwitchX(config-if)#switchport port-security mac-address sticky SwitchX(config-if)#switchport port-security violation shutdown
You can add secure addresses to the address table after you set the maximum number of secure MAC addresses allowed on a port in these ways: Manually configure all of the addresses (switchport port-security mac-address 0008.eeee.eeee). Allow the port to dynamically configure all of the addresses (switchport port-security mac-address sticky). You can configure an interface to convert the dynamic MAC addresses to sticky secure MAC addresses and to add them to the running configuration by enabling sticky learning. To enable sticky learning, enter the switchport port-security mac-address sticky interface configuration command. When you enter this command, the interface converts all the dynamic secure MAC addresses, including those that were dynamically learned before sticky learning was enabled, to sticky secure MAC addresses.

SwitchX#show port-security [interface interface-id] [address] [ | {begin | exclude | include} expression] SwitchX#show port-security interface fastethernet 0/5 Port Security : Enabled Port Status : Secure-up Violation Mode : Shutdown Aging Time : 20 mins Aging Type : Absolute SecureStatic Address Aging : Disabled Maximum MAC Addresses : 1 Total MAC Addresses : 1 Configured MAC Addresses : 0 Sticky MAC Addresses : 0 Last Source Address : 0000.0000.0000 Security Violation Count : 0

SwitchX#sh port-security address Secure Mac Address Table ------------------------------------------------------------------Vlan Mac Address Type Ports Remaining Age (mins) ---- ----------- ---- ----- ------------1 0008.dddd.eeee SecureConfigured Fa0/5 ------------------------------------------------------------------Total Addresses in System (excluding one mac per port) : 0 Max Addresses limit in System (excluding one mac per port) : 1024 SwitchX#sh port-security Secure Port MaxSecureAddr CurrentAddr SecurityViolation Security Action (Count) (Count) (Count) -------------------------------------------------------------------------Fa0/5 1 1 0 Shutdown --------------------------------------------------------------------------Total Addresses in System (excluding one mac per port) : 0 Max Addresses limit in System (excluding one mac per port) : 1024
Use the show port-security address command to display the secure MAC addresses for all ports. Use the show port-security command without keywords to display the port security settings for the switch.

You might also like