Switchport Port-Security - Cisco Nexus 7000 Series Command Reference Manual

S Commands

switchport port-security

To enable port security on a Layer 2 Ethernet interface or Layer 2 port-channel interface, use the switchport
port-security command. To remove port security configuration, use the no form of this command.
switchport port-security
no switchport port-security
Syntax Description
This command has no arguments or keywords.
Command Default
None
Command Modes
Interface configuration
Command History
Release
4.2(1)
4.0(1)
Usage Guidelines
Per interface, port security is disabled by default.
You must configure the interface as a Layer 2 interface by using the switchport command before you can
use the switchport port-security command.
You must enable port security by using the feature port-security command before you can use the switchport
port-security command.
If port security is enabled on any member port of the Layer 2 port-channel interface, the device does not allow
you to disable port security on the port-channel interface. To do so, remove all secure member ports from the
port-channel interface first. After disabling port security on a member port, you can add it to the port-channel
interface again, as needed.
Enabling port security on an interface also enables the default method for learning secure MAC addresses,
which is the dynamic method. To enable the sticky learning method, use the switchport port-security
mac-address sticky command.
This command does not require a license.
Examples This example shows how to enable port security on the Ethernet 2/1 interface:
switch# configure terminal
switch(config)# interface ethernet 2/1
switch(config-if)# switchport port-security
switch(config-if)#
Modification
Support for Layer 2 port-channel interfaces was added.
This command was introduced.
Cisco Nexus 7000 Series Security Command Reference
switchport port-security
675