Example Of Port Security On An Isolated Private Vlan Host Port - Cisco Catalyst 4500 Series Software Configuration Manual
Cisco ios xe release 3.9.xe and cisco ios release 15.2(5)ex
Hide thumbs
Also See for Catalyst 4500 Series:
- Administration manual (1814 pages) ,
- Configuration manual (1610 pages) ,
- Command reference manual (1230 pages)
Table of Contents
Advertisement
Configuring Port Security on PVLAN Ports
Example of Port Security on an Isolated Private VLAN Host Port
The following example shows how to configure port security on an isolated private VLAN host port, Fast
Ethernet interface 3/12:
Switch# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)# vlan 6
Switch(config-vlan)# private-vlan isolated
Switch(config-vlan)# exit
Switch(config)# vlan 3
Switch(config-vlan)# private-vlan primary
Switch(config-vlan)# private-vlan association add 6
Switch(config-vlan)# exit
Switch(config)# interface fastethernet 3/12
Switch(config-if)# switchport mode private-vlan host
Switch(config-if)# switchport private-vlan association host 3 6
Switch(config-if)# switchport port-security
Switch(config-if)# end
Configuring Port Security on a Private VLAN Promiscuous Port
To configure port security on a private VLAN promiscuous port, perform this task:
Command
Step 1
Switch# configure terminal
Step 2
Switch(config)# vlan sec_vlan_id
Step 3
Switch(config-vlan)# private-vlan isolated
Step 4
Switch(config-vlan)# exit
Step 5
Switch(config)# vlan pri_vlan_id
Step 6
Switch(config-vlan)# private-vlan primary
Step 7
Switch(config-vlan)# private-vlan association
add sec_vlan_id
Step 8
Switch(config-vlan)# exit
Step 9
Switch(config)# interface interface_id
Step 10
Switch(config-if)# switchport mode private-vlan
promiscuous
Step 11
Switch(config-if)# switchport private-vlan
mapping primary_vlan secondary_vlan
Step 12
Switch(config-if)# switchport port-security
Step 13
Switch(config-if)# end
Step 14
Switch# show port-security address
interface interface_id
Switch# show port-security address
Catalyst 4500 Series Switch, Cisco IOS Software Configuration Guide - Cisco IOS XE 3.9.xE and IOS 15.2(5)Ex
55-16
Chapter 55
Purpose
Enters global configuration mode.
Specifies the VLAN.
Sets the private VLAN mode to isolated.
Returns to global configuration mode.
Specifies the VLAN.
Designates the VLAN as the primary private VLAN.
Creates an association between a secondary VLAN and a
primary VLAN.
Returns to global configuration mode.
Enters interface configuration mode and specifies the
physical interface to configure.
Specifies that the ports with a valid PVLAN mapping
become active promiscuous ports.
Configures a private VLAN for the promiscuous ports.
Enables port security on the interface.
Returns to privileged EXEC mode.
Verifies your entries.
Configuring Port Security
Advertisement
Chapters
Table of Contents
Troubleshooting
