Cisco WS-C4003 Software Guide - Page 255
Specifying Shutdown Time, Disabling Port Security
View all Cisco WS-C4003 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 255 highlights
Chapter 16 Configuring Port Security Configuring Port Security Note If you restrict the number of secure MAC addresses on a port to one and additional hosts attempt to connect to that port, port security blocks these additional hosts from being connected to that port as well as to any other port in the same VLAN for the duration of the VLAN aging time. By default, the VLAN aging time is five minutes. If a host is blocked from joining a port in the same VLAN as the secured port, allow the VLAN aging time to expire before you attempt to connect the host to the port again. Specifying Shutdown Time You can specify how long a port remains disabled in case of a security violation. By default, the port is shut down permanently. The valid range is 10 to 1440 minutes. If the time is set to zero, the shutdown is disabled for this port. Note When the shutdown timeout expires, the port is reenabled and all port security-related configuration is maintained. To set the shutdown timeout, perform this task in privileged mode: Task Set the shutdown timeout on a port. Command set port security mod_num/port_num shutdown time This example sets the shutdown time to 600 minutes on port 4/7: Console> (enable) set port security 4/7 shutdown 600 Secure address shutdown time set to 600 minutes for port 4/7. Console> (enable) Disabling Port Security To disable port security, perform this task in privileged mode: Step 1 Step 2 Task Disable port security on the desired ports. Verify the configuration. Command set port security mod_num/port_num disable show port security [mod_num/port_num] This example shows how to disable security on a port: Console> (enable) set port security 2/1 disable Port 2/1 port security disabled. Console> (enable) Console> (enable) show port security 2/1 Port Security Violation Shutdown-Time Age-Time Max-Addr Trap IfIndex 3/24 disabled restrict 20 300 10 disabled 921 Port Num-Addr Secure-Src-Addr Age-Left Last-Src-Addr Shutdown/Time-Left 78-12647-02 Software Configuration Guide-Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4 16-7