Port Mode Changes - Cisco Catalyst 4500 series Administration Manual
Hide thumbs
Also See for Catalyst 4500 series:
- Software configuration manual (2086 pages) ,
- Configuration manual (1610 pages) ,
- Command reference manual (1230 pages)
Table of Contents
Advertisement
Configuring Port Security on Voice Ports
Port Mode Changes
Generally, when a port mode changes, all dynamic addresses associated with that port are removed. All
static or sticky addresses and other port security parameters configured on the native VLAN are moved
to the native VLAN of the port in the new mode. All the addresses on the non-native VLANs are
removed.
The native VLAN refers to the following VLAN on the specified port type:
Port Type
access
trunk
isolated
promiscuous
private VLAN trunk
.1Q tunnel
For example, when the mode changes from access to private VLAN trunk, all the static or sticky
addresses configured on the access VLAN of the access port are moved to the private VLAN native
VLAN of the private VLAN trunk port. All other addresses are removed.
Similarly, when the mode changes from private VLAN trunk to access mode, all the static or sticky
addresses configured on the private VLAN native VLAN are moved to the access VLAN of the access
port. All other addresses are removed.
When a port is changed from trunk to private VLAN trunk, addresses associated with a VLAN on the
trunk are retained if that VLAN is present in the allowed list of private VLAN trunk or the secondary
VLAN of an association on the private VLAN trunk. If the VLAN is not present in either of them, the
address is removed from the running configuration.
When a port is changed from private VLAN trunk to trunk, a static or sticky address is retained if the
VLAN associated with the address is present in the allowed VLAN list of the trunk. If the VLAN is not
present in the allowed list, the address is removed from running configuration.
Configuring Port Security on Voice Ports
You might want to configure port security in an IP phone environment when a port is configured with a
data VLAN for a PC and a voice VLAN for a Cisco IP Phone.
These sections describe how to configure port security on voice ports:
•
•
•
Software Configuration Guide—Release IOS XE 3.6.0E and IOS 15.2(2)E
49-22
Native VLAN
access VLAN
native VLAN
secondary VLAN (from host association)
primary VLAN (from mapping)
private VLAN trunk native VLAN
access VLAN
Configuring Port Security on Voice Ports, page 49-23
Examples of Voice Port Security, page 49-25
Voice Port Security Configuration Guidelines and Restrictions, page 49-27
Chapter 49
Configuring Port Security
OL_28731-01
Advertisement
Chapters
Table of Contents
Troubleshooting
