Cisco WS-C4003 Software Guide - Page 252
Enabling Port Security
View all Cisco WS-C4003 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 252 highlights
Configuring Port Security Chapter 16 Configuring Port Security Enabling Port Security Port security is either autoconfigured or enabled manually by specifying a MAC address. If a MAC address is not specified, the source address from the incoming traffic is autoconfigured and secured, up to the maximum number of MAC addresses allowed. These autoconfigured MAC Addresses remain secured for a time, depending upon the aging timer set. The autoconfigured MAC Addresses are cleared from the port in case of a link-down event. To enable port security, perform this task in privileged mode: Step 1 Step 2 Step 3 Task Enable port security on the desired ports. If desired, specify the secure MAC address. You can add MAC addresses to the list of secure addresses. Verify the configuration. Command set port security mod_num/port_num enable [mac_addr] set port security mod_num/port_num mac_addr show port [mod_num[/port_num]] This example shows how to enable port security using the learned MAC address on a port and verify the configuration: Console> (enable) set port security 2/1 enable Port 2/1 port security enabled with the learned mac address. Trunking disabled for Port 2/1 due to Security Mode Console> (enable) show port 2/1 Port Name Status Vlan Level Duplex Speed Type 2/1 connected 522 normal half 100 100BaseTX Port Security Secure-Src-Addr Last-Src-Addr Shutdown Trap IfIndex 2/1 enabled 00-90-2b-03-34-08 00-90-2b-03-34-08 No disabled 1081 Port Broadcast-Limit Broadcast-Drop 2/1 - 0 Port Align-Err FCS-Err Xmit-Err Rcv-Err UnderSize 2/1 0 0 0 0 0 Port Single-Col Multi-Coll Late-Coll Excess-Col Carri-Sen Runts Giants 2/1 0 0 0 0 0 0 0 Last-Time-Cleared Fri Jul 10 1998, 17:53:38 This example shows how to enable port security on a port and manually specify the secure MAC address: Console> (enable) set port security 2/1 enable 00-90-2b-03-34-08 Port 2/1 port security enabled with 00-90-2b-03-34-08 as the secure mac address Trunking disabled for Port 2/1 due to Security Mode Console> (enable) 16-4 Software Configuration Guide-Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4 78-12647-02