Table of Contents
Advertisement
Configuring Port Security
Table 22-3
Table 22-3
Type of Port or Feature on Port
DTP
Trunk port
Dynamic-access port
SPAN source port
SPAN destination port
EtherChannel
Protected port
IEEE 802.1x port
Voice VLAN port
1. DTP = Dynamic Trunking Protocol
2. A port configured with the switchport mode dynamic interface configuration command.
3. A VLAN Query Protocol (VQP) port configured with the switchport access vlan dynamic interface configuration command.
4. You must set the maximum allowed secure addresses on the port to two plus the maximum number of secure addresses
Enabling and Configuring Port Security
Beginning in privileged EXEC mode, follow these steps to restrict input to an interface by limiting and
identifying MAC addresses of the stations allowed to access the port:
Command
Step 1
configure terminal
Step 2
interface interface-id
Step 3
switchport mode {access | trunk}
Step 4
switchport voice vlan vlan-id
Step 5
switchport port-security
Catalyst 2928 Switch Software Configuration Guide
22-12
summarizes port security compatibility with other port-based features.
Port Security Compatibility with Other Switch Features
1
2
port
3
4
allowed on the access VLAN.
Purpose
Enter global configuration mode.
Specify the interface to be configured, and enter interface configuration
mode.
Set the interface switchport mode as access or trunk; an interface in the
default mode (dynamic auto) cannot be configured as a secure port.
Enable voice VLAN on a port.
vlan-id—Specify the VLAN to be used for voice traffic.
Enable port security on the interface.
Chapter 22
Configuring Port-Based Traffic Control
Compatible with Port Security
No
Yes
No
Yes
No
No
Yes
Yes
Yes
OL-23389-01
Advertisement
Table of Contents
Troubleshooting
