Asus GigaX2024SX User Manual

Port Security Commands

e learning function or manually

ure addresses for a port. You may want to leave port security off for an

initial training period (i.e., enable the learning function) to register all the current
VLAN members on the selected port, and then enable port security to ensure that

ming frames with a source MAC address that is

unknown or has been previously learned from another port.

These commands can be used to disable th
specify sec

the port will drop any inco

p
T
ke

form with the appropriate keyword

efault settings for a response to security violation or for the

maximum number of allowed addresses.
S

tion {shutdown | trap | trap-and-shutdown}

[action | max-mac-count]

y is violated.

wn - Disable port only.

Issue SNMP trap message and disable port.

• max-mac-count
- address-count - The maximum number of MAC addresses that can be
learned on a port. (Range: 0-20)

Default Setting

Maximum Addresses: 0

ch will stop dynamically learning new
incoming traffic with source addresses

the dynamic or static address table will be accepted.

urity, first allow the switch to dynamically learn the <source

ort security
his command enables or configures port security. Use the no form without any

ywords to disable port security. Use the no

to restore the d

yntax

port security [ac
| max-mac-count address-count]
no port security
• action - Response to take when port securit
- shutdo
- trap - Issue SNMP trap message only.
- trap-and-shutdown -

Status: Disabled
Action: None

Command Mode

figuration (Ethernet)

Interface Con

Command Usage

• If you enable port security, the swit

e specified port. Only

addresses on th

in

already stored
• To use port sec
MAC address, VLAN> pair for frames received on a port for an initial training

then enable port security to stop address learning. Be sure you

period, and

4-80