Cisco SR224T Administration Guide - Page 239

Configuring Security Configuring Port Security 17 addresses allowed on the port (set by Max No. of Addresses Allowed). Relearning and aging are enabled. • Secure Delete on Reset-Deletes the current dynamic MAC addresses associated with the port after reset. New MAC addresses can be learned as Delete-On-Reset ones up to the maximum addresses allowed on the port. Relearning and aging are disabled. When a frame from a new MAC address is detected on a port where it is not authorized (the port is classically locked, and there is a new MAC address, or the port is dynamically locked, and the maximum number of allowed addresses has been exceeded), the protection mechanism is invoked, and one of the following actions can take place: • Frame is discarded • Frame is forwarded • Port is shut down When the secure MAC address is seen on another port, the frame is forwarded, but the MAC address is not learned on that port. In addition to one of these actions, you can also generate traps, and limit their frequency and number to avoid overloading the devices. NOTE Traps are SYSLOG-related traps, not generated through SNMP. NOTE To use 802.1X on a port, it must be in multiple host or multi session modes. Port security on a port cannot be set if the port is in single mode (see the 802.1x, Host and Session Authentication page). To configure port security: STEP 1 Click Security > Port Security. The Port Security page is displayed. Port Security Page STEP 2 Select an interface to be modified, and click Edit. The Edit Port Security Interface Settings page is displayed. STEP 3 Enter the parameters. • Interface-Select the interface name. • Interface Status-Select to lock the port. Cisco Small Business 200 Series Smart Switch Administration Guide 240