Specifications
CHAPTER 7
Campus Network Security
TABLE 7-1 Port Security Commands
Command Description
switchport port-security Enables port security on that interface.
switchport port-security Specifies the max MAC addresses allowed on this port. Default is 1.
maximum value
switchport port-security
Configures the action to be taken when the maximum number is reached and a MAC address
violation {shutdown | not associated with the port attempts to use the port, or when a station whose MAC address
restrict | protect} is associated with a different port attempt to access this port. Default is shutdown.
switchport port-security Statically associates a specific MAC address with a port.
mac-address mac-address
switchport port-security
Enables the switch port to dynamically learn secure MAC addresses. MAC addresses learned
mac-address sticky through that port, up to the maximum number, if a maximum is configured, are treated as
secure MAC addresses.
show port security [interface Verifies port security actions.
interface | address]
The following commands show how to verify the port security configuration:
Switch# show port-security interface fa 1/0/15
Port Security : Enabled
Port Status : Secure-Up
Violation Mode : Shutdown
Aging Time : 0 mins
Aging Type : Absolute
SecureStatic Address Aging : Disabled
[ 81 ]
© 2010 Pearson Education, Inc. All rights reserved. This publication is protected by copyright. Please see page 112 for more details.
CCNP SWITCH 642-813 Quick Reference by Denise Donohue