LevelOne FGL-2870 User Manual

General Security Measures

4-159

4

Command Usage

• If you enable port security, the switch stops learning new MAC addresses on

the specified port when it has reached a configured maximum number. Only
incoming traffic with source addresses already stored in the dynamic or static
address table will be accepted.

• Use the port security command to enable security on a port. Then use the

port security action command to set the response to a port security violation,
and the port security max-mac-count command to set the maximum
number of addresses allowed on a port.

• You can also manually add secure addresses with the mac-address-table

static command.

• A secure port has the following restrictions:

- Cannot be connected to a network interconnection device.
- Cannot be a trunk port.

• If a port is disabled due to a security violation, it must be manually re-enabled

using the no shutdown command.

Example
The following example enables port security for port 5, and sets the response to a
security violation to issue a trap message:

Related Commands

shutdown (4-226)
mac-address-table static (4-264)
show mac-address-table (4-266)

Console(config)#interface ethernet 1/5
Console(config-if)#port security
Console(config-if)#port security action trap
Console(config-if)#