Technical data
378
Chapter 12: Initial Switch Configuration
CertPrs8/CCNA
®
Cisco Certified Network Associate Study Guide/Richard Deal/149728-5/Chapter 12
Configured MAC Addresses : 1
Aging time : 0 mins
Aging type : Absolute
SecureStatic address aging : Disabled
Security Violation count : 0
In this example, you can see that port security is enabled, the violation mode is restrict,
the maximum number of MAC addresses that can be connected to the port is 1, and
one MAC address has to be statically configured for the port. At the bottom of the
output, you can see that no security violations have occurred on the port.
To see an overview configuration of port security on your switch, use the show
port-security command:
switch# show port-security
Port MaxSecureAddr CurrentAddr SecurityViolation Security Action
(Count) (Count) (Count)
------------------------------------------------------------------
Fa0/1 10 10 0 Shutdown
Fa0/2 1 1 0 Restrict
.
.
.
------------------------------------------------------------------
Total Addresses in System :21
Max Addresses limit in System :6176
In this example, 10 MAC addresses can be learned off of FA0/1, 10 have been
learned, and the violation mode is shut down; but currently no violations have
occurred on the port.
To see the MAC addresses statically defined or dynamically learned with port
security, use the show port-security address command:
IOS# show port-security address
Secure Mac Address Table
-----------------------------------------------------------
Vlan Mac Address Type Ports Remaining Age
(mins)
---- -------------- ----------------- ----- -------------
1 0001.0001.0011 SecureDynamic Fa0/1 15 (I)
1 0001.0001.0022 SecureDynamic Fa0/1 15 (I)
1 0001.0001.1144 SecureConfigured Fa0/1 -
.
.
.
----------------------------------------------------------------
Total Addresses in System :21
Max Addresses limit in System :6176
ch12.indd 378 3/12/08 4:45:13 PM