Port Security Mode - Cisco 300 Series Cli Manual
Small business 300 series managed switches
command line interface guide release 1.3
Hide thumbs
Also See for 300 Series:
- Cli manual (1117 pages) ,
- Administration manual (586 pages) ,
- Quick start manual (72 pages)
Table of Contents
Advertisement
29
430
Command Mode
Interface Configuration (Ethernet, port-channel) mode
User Guidelines
The command may be used only when the interface in the regular (non-secure
with unlimited MAC learning) mode.
See the
bridge unicast unknown
attributes (type and time-to-live) definitions.
When the port security command enables the lock mode on a port all dynamic
addresses learned on the port are changed to permanent secure addresses.
When the port security command enables a mode on a port differing from the lock
mode all dynamic addresses learned on the port are deleted.
When the no port security command cancels a secure mode on a port all secure
addresses defined on the port are changed to dynamic addresses.
Additionally to set a mode, use the port security command to set an action that the
switch should perform on a frame which source MAC address cannot be learned.
Example
The following example forwards all packets to port gi1 without learning addresses
of packets from unknown sources and sends traps every 100 seconds, if a packet
with an unknown source address is received.
switchxxxxxx(config)interface gi7
switchxxxxxx(config-if)
switchxxxxxx(config-if)
switchxxxxxx(config-if)
29.23 port security mode
Use the port security mode Interface Configuration (Ethernet, port-channel) mode
command configures the port security learning mode. Use the no form of this
command to restore the default configuration.
Syntax
port security mode {max-addresses | lock | secure permanent |secure
delete-on-reset}
command for information about MAC address
port security mode lock
port security forward trap 100
exit
78-21075-01 Command Line Interface Reference Guide
Address Table Commands
Advertisement
Table of Contents
