Port security – LevelOne GTL-2690 User Manual

Page 488

Advertising
background image

Port Security Commands

25-25

25

port security

This command enables or configures port security. Use the no form without any
keywords to disable port security. Use the no form with the appropriate keyword to
restore the default settings for a response to security violation or for the maximum
number of allowed addresses.

Syntax

port security [action {shutdown | trap | trap-and-shutdown}

| max-mac-count address-count]

no port security [action | max-mac-count]

action - Response to take when port security is violated.

- shutdown - Disable port only.
- trap - Issue SNMP trap message only.
- trap-and-shutdown - Issue SNMP trap message and disable port.

max-mac-count

- address-count - The maximum number of MAC addresses that can be

learned on a port. (Range: 0 - 1024, where 0 means disabled)

Default Setting

• Status: Disabled
• Action: None
• Maximum Addresses: 0

Command Mode

Interface Configuration (Ethernet)

Command Usage

• When port security is enabled with this command, the switch first clears all

dynamically learned entries from the address table. It then starts learning new
MAC addresses on the specified port, and stops learning addresses when it
reaches a configured maximum number. Only incoming traffic with source
addresses already stored in the dynamic or static address table will be
accepted.

• First use the port security max-mac-count command to set the number of

addresses, and then use the port security command to enable security on
the port. (The specified maximum address count is effective when port
security is enabled or disabled.)

• Use the no port security max-mac-count command to disable port security

and reset the maximum number of addresses to the default.

• You can also manually add secure addresses with the mac-address-table

static command.

• A secure port has the following restrictions:

- Cannot be connected to a network interconnection device.
- Cannot be a trunk port.

• If a port is disabled due to a security violation, it must be manually re-enabled

using the no shutdown command.

Advertising
Popular Brands
Popular manuals