Specifications

ManualsBrandsCisco ManualsComputer equipmentIE 2000

141

142

143

144

145

146

147

148

149

150

9-17

System Management Software Configuration Guide for Cisco IE 2000U and Connected Grid Switches

Chapter 9 Configuring Port-Based Traffic Control

Configuring Port Security

DETAILED STEPS

To disable port security aging for all secure addresses on a port, use the no switchport port-security

aging time interface configuration command. To disable aging for only statically configured secure

addresses, use the no switchport port-security aging static interface configuration command.

EXAMPLE

This example shows how to set the aging time as 2 hours for the secure addresses on a port:

Switch(config)# interface gigabitethernet0/1

Switch(config-if)# switchport port-security aging time 120

This example shows how to set the aging time as 2 minutes for the inactivity aging type with aging

enabled for the configured secure addresses on the interface:

Switch(config-if)# switchport port-security aging time 2

Switch(config-if)# switchport port-security aging type inactivity

Switch(config-if)# switchport port-security aging static

Command Purpose

Step 1

configure terminal Enter global configuration mode.

Step 2

interface interface-id Specify the interface to configure, and enter interface

configuration mode.

Step 3

no shutdown Enable the port, if necessary. By default, UNIs and

ENIs are disabled, and NNIs are enabled.

Step 4

switchport port-security aging {static | time

time | type {absolute | inactivity}}

Enable or disable static aging for the secure port, or

set the aging time or type.

Note The switch does not support port security

aging of sticky secure addresses.

Enter static to enable aging for statically configured

secure addresses on this port.

For time, specify the aging time for this port. The valid

range is from 0 to 1440 minutes.

For type, select one of these keywords:

• absolute—Sets the aging type as absolute aging.

All the secure addresses on this port age out exactly

after the time (minutes) specified lapses and are

removed from the secure address list.

• inactivity—Sets the aging type as inactivity aging.

The secure addresses on this port age out only if

there is no data traffic from the secure source

addresses for the specified time period.

Step 5

end Return to privileged EXEC mode.

Step 6

show port-security [interface interface-id]

[address]

Verify your entries.

Step 7

copy running-config startup-config (Optional) Save your entries in the configuration file.