Adding Authorized Port Pairs - Cisco AJ732A - MDS 9134 Fabric Switch Configuration Manual
Cisco nexus 5000 series switch cli software configuration guide, nx-os 4.0(1a)n1 (ol-16597-01, january 2009)
Hide thumbs
Also See for AJ732A - Cisco MDS 9134 Fabric Switch:
- Command reference manual (1640 pages) ,
- Messages manual (518 pages) ,
- Installation manual (288 pages)
Table of Contents
Advertisement
Chapter 45
Configuring Port Security
S e n d f e e d b a c k t o n x 5 0 0 0 - d o c f e e d b a c k @ c i s c o . c o m
•
•
•
•
•
•
Adding Authorized Port Pairs
After identifying the WWN pairs that need to be bound, add those pairs to the port security database.
Remote switch binding can be specified at the local switch. To specify the remote interfaces, you can
Tip
use either the fWWN or sWWN-interface combination.
To add authorized port pairs for port security, perform this task:
Command
Step 1
switch# configuration terminal
switch(config)#
Step 2
switch(config)# port-security database vsan
vsan-id
switch(config-port-security)#
switch(config)# no port-security database vsan
vsan-id
switch(config)#
Step 3
switch(config-port-security)# swwn swwn-id
interface san-port-channel 5
Step 4
switch(config-port-security)# any-wwn interface fc
slot/port - fc slot/port
This example enters the port security database mode for VSAN 2:
switch(config)# port-security database vsan 2
This example configures the specified sWWN to only log in through SAN port channel 5:
switch(config-port-security)# swwn 20:01:33:11:00:2a:4a:66 interface san-port-channel 5
This example configures the specified pWWN to log in through the specified interface in the specified
switch:
switch(config-port-security)# pwwn 20:11:33:11:00:2a:4a:66 swwn 20:00:00:0c:85:90:3e:80
interface fc 3/2
This example configures any WWN to log in through the specified interface in any switch:
OL-16597-01
If an N port's nWWN is bound to an F port WWN, then all pWWNs in the N port are implicitly
paired with the F port.
TE port checking is done on each VSAN in the allowed VSAN list of the VSAN trunk port.
All port channel xE ports must be configured with the same set of WWNs in the same SAN port
channel.
E port security is implemented in the port VSAN of the E port. In this case, the sWWN is used to
secure authorization checks.
Once activated, the configuration database can be modified without any effect on the active
database.
By saving the running configuration, you save the configuration database and activated entries in the
active database. Learned entries in the active database are not saved.
Purpose
Enters configuration mode.
Enters the port security database mode for
the specified VSAN.
Deletes the port security configuration
database from the specified VSAN.
Configures the specified sWWN to only
log in through SAN port channel 5.
Configures any WWN to log in through
the specified interfaces.
Cisco Nexus 5000 Series Switch CLI Software Configuration Guide
Port Security Manual Configuration
45-11
- Quick Links:
- Cisco Nexus 5000 Series Switch Hardware
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
