Manualshelf

Technical Manual

ManualsBrandsCisco ManualsSwitchesCisco Catalyst 3560E-12SD-E Switch
12345678910
!−−− Default port security configuration on the switch.
Cat3750#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Cat3750(config)#interface fastEthernet 1/0/2
Cat3750(config−if)#switchport port−security
Command rejected: FastEthernet1/0/2 is a dynamic port.
!−−− Port security can only be configured on static access ports or trunk ports.
Cat3750(config−if)#switchport mode access
!−−− Sets the interface switchport mode as access.
Cat3750(config−if)#switchport port−security
!−−− Enables port security on the interface.
Cat3750(config−if)#switchport port−security mac−address 0011.858D.9AF9
!−−− Sets the secure MAC address for the interface.
Cat3750(config−if)#switchport port−security violation shutdown
!−−− Sets the violation mode to shutdown. This is the default mode.
Cat3750#
!−−− Connected a different PC (PC 4) to the FastEthernet 1/0/2 port
!−−− to verify the port security feature.
00:22:51: %PM−4−ERR_DISABLE: psecure−violation error detected on Fa1/0/2,
putting Fa1/0/2 in err−disable state
00:22:51: %PORT_SECURITY−2−PSECURE_VIOLATION: Security violation occurred,
caused by MAC address 0011.8565.4B75 on port FastEthernet1/0/2.
00:22:52: %LINEPROTO−5−UPDOWN: Line protocol on Interface FastEthernet1/0/2,
changed state to down
00:22:53: %LINK−3−UPDOWN: Interface FastEthernet1/0/2, changed state to down
!−−− Interface shuts down when a security violation is detected.
Cat3750#show interfaces fastEthernet 1/0/2
FastEthernet1/0/2 is down, line protocol is down (err−disabled)
!−−− Output Suppressed.
!−−− The port is shown error−disabled. This verifies the configuration.
!−−− Note: When a secure port is in the error−disabled state,
!−−− you can bring it out of this state by entering
!−−− the errdisable recovery cause psecure−violation global configuration command,
!−−− or you can manually re−enable it by entering the
!−−− shutdown and no shutdown interface configuration commands.
Cat3750#show port−security interface fastEthernet 1/0/2
Port Security : Enabled
Port Status : Secure−shutdown
Violation Mode : Shutdown
Aging Time : 0 mins
Aging Type : Absolute
SecureStatic Address Aging : Disabled
Maximum MAC Addresses : 1
Total MAC Addresses : 1