Cisco Nexus 5000 Series Switch CLI Software Configuration Guide (OL-16597-01, July 2009)
If you force the activation, existing devices are logged out if they violate the active database.Note
You can view missing or conflicting entries using the port-security database diff active vsan command in
EXEC mode.
To forcefully activate the port security database, perform this task:
Procedure
PurposeCommand or Action
Enters configuration mode.switch# configuration terminal
Step 1
Forces the port security database to activate for
the specified VSAN even if conflicts occur.
switch(config)# port-security activate vsan
vsan-id force
Step 2
Database Reactivation
If auto-learning is enabled, you cannot activate the database without the force option until you disable
auto-learning.
Tip
To reactivate the port security database, perform this task:
Procedure
PurposeCommand or Action
Enters configuration mode.switch# configuration terminal
Step 1
Disables auto-learning and stops the switch from
learning about new devices accessing the switch.
switch(config)# no port-security
auto-learn vsan vsan-id
Step 2
Enforces the database contents based on the devices
learned up to this point.
switch(config)# exit
Step 3
Copies from the active to the configured database.switch# port-security database copy
vsan vsan-id
Step 4
Re-enters configuration mode.switch# configuration terminal
Step 5
Activates the port security database for the
specified VSAN, and automatically enables
auto-learning.
switch(config)# port-security activate
vsan vsan-id
Step 6
Cisco Nexus 5000 Series Switch CLI Software Configuration Guide
640 OL-16597-01
Configuring Port Security
Database Reactivation