Cisco SLM2024 Administration Guide - Page 44

Unchecked, Classic Lock, Limited Dynamic Lock, Discard, Forward Not on Device, Shutdown - will not reset

Get Cisco SLM2024 - Small Business Smart Switch PDF manuals and user guides
UPC - 745883580002
View all Cisco SLM2024 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 44 highlights

Security Port Security 5 • Lock Interface - Configures and indicates the port security status. The possible field values are: - Unchecked - Indicates that the port is currently unlocked. This is the default value. - Checked - Indicates that the port is currently locked. • Learning Mode - Defines the locked port type. The Learning Mode field is enabled only if Locked is not selected in the Lock Interface Status field. The possible field values are: - Classic Lock - Locks the port using the classic lock mechanism. The port is immediately locked, regardless of the number of addresses that have already been learned. MAC addresses that were already learned on the port are permitted. All other MACs are considered unauthorized. - Limited Dynamic Lock - The device learns MAC addresses up to the maximum addresses allowed on the port, after which any new MAC is considered unauthorized. Both relearning and aging of MAC addresses are enabled. In order to change the Learning Mode, the Lock Interface must be set to Unlocked. Once the mode is changed, the Lock Interface can be reinstated. • Max Entries - Specifies the number of MAC addresses that can be learned on the port. The Max Entries field is enabled only if Locked is Not selected in the Lock Interface Status field. In addition, the Limited Dynamic Lock mode is selected. The default is 1. • Action on Violation - Indicates the action to be applied to unauthorized packets arriving on a locked port. The possible field values are: - Discard - Discards packets from any unknown source. This is the default value. - Forward Not on Device - Forwards packets from an unknown source without learning the MAC address. - Shutdown - Discards packets from any unknown source and shuts down the port. The port remains shut down until reactivated, or until the device is reset. STEP 2 Define the relevant fields. STEP 3 Click Save Settings. The settings are modified, and the device is updated. Cisco Small Business SLM Series Smart Switches Administration Guide 40

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
Security
Port Security
Cisco Small Business SLM Series Smart Switches Administration Guide
40
5
Lock Interface
— Configures and indicates the port security status. The
possible field values are:
-
Unchecked
— Indicates that the port is currently unlocked. This is the
default value.
-
Checked
— Indicates that the port is currently locked.
Learning Mode
— Defines the locked port type. The Learning Mode field is
enabled only if Locked is not selected in the Lock Interface Status field. The
possible field values are:
-
Classic Lock
— Locks the port using the classic lock mechanism. The
port is immediately locked, regardless of the number of addresses that
have already been learned. MAC addresses that were already learned
on the port are permitted. All other MACs are considered unauthorized.
-
Limited Dynamic Lock
— The device learns MAC addresses up to the
maximum addresses allowed on the port, after which any new MAC is
considered unauthorized. Both relearning and aging of MAC addresses
are enabled. In order to change the Learning Mode, the Lock Interface
must be set to Unlocked. Once the mode is changed, the Lock Interface
can be reinstated.
Max Entries
— Specifies the number of MAC addresses that can be learned
on the port. The Max Entries field is enabled only if Locked is Not selected
in the Lock Interface Status field. In addition, the Limited Dynamic Lock
mode is selected. The default is 1.
Action on Violation
— Indicates the action to be applied to unauthorized
packets arriving on a locked port. The possible field values are:
-
Discard
— Discards packets from any unknown source. This is the
default value.
-
Forward Not on Device
— Forwards packets from an unknown source
without learning the MAC address.
-
Shutdown
— Discards packets from any unknown source and shuts
down the port. The port remains shut down until reactivated, or until the
device is reset.
STEP 2
Define the relevant fields.
STEP 3
Click
Save Settings
. The settings are modified, and the device is updated.