Switchport Port-Security - Cisco Catalyst 3550 Command Reference Manual
Multilayer switch
Hide thumbs
Also See for Catalyst 3550:
- Command reference manual (662 pages) ,
- Installation manual (154 pages) ,
- Hardware installation manual (106 pages)
Table of Contents
Advertisement
Chapter 2 Catalyst 3550 Switch Cisco IOS Commands
switchport port-security
Use the switchport port-security interface configuration command without keywords to enable port
security on the interface. Use the keywords to configure secure MAC addresses, sticky MAC address
learning, a maximum number of secure MAC addresses, or the violation mode. Use the no form of this
command to disable port security or to set the parameters to their default states.
Syntax Description
aging
mac-address mac-address
vlan vlan-id
vlan access
vlan voice
mac-address sticky
[mac-address]
maximum value
vlan [vlan-list]
OL-8566-01
switchport port-security [mac-address mac-address [vlan {vlan-id | {access | voice}}] |
mac-address sticky [mac-address | vlan {vlan-id | {access | voice}}]] [maximum value [vlan
{vlan-list | {access | voice}}]]
no switchport port-security [mac-address mac-address [vlan {vlan-id | {access | voice}}] |
mac-address sticky [mac-address | vlan {vlan-id | {access | voice}}]] [maximum value [vlan
{vlan-list | {access | voice}}]]
switchport port-security [aging] [violation {protect | restrict | shutdown}]
no switchport port-security [aging] [violation {protect | restrict | shutdown}]
(Optional) See the
switchport port-security aging
(Optional) Specify a secure MAC address for the interface by entering
a 48-bit MAC address. You can add additional secure MAC addresses
up to the maximum value configured.
(Optional) On a trunk port only, specify the VLAN ID and the MAC
address. If no VLAN ID is specified, the native VLAN is used.
(Optional) On an access port, specify the VLAN as an access VLAN.
(Optional) On an access port, specify the VLAN as a voice VLAN.
The voice keyword is available only if voice VLAN is
Note
configured on a port and if that port is not the access VLAN.
(Optional) Enable the interface for sticky learning by entering only the
mac-address sticky keywords. When sticky learning is enabled, the
interface adds all secure MAC addresses that are dynamically learned to
the running configuration and converts these addresses to sticky secure
MAC addresses.
(Optional) Enter a mac-address to specify a sticky secure MAC address.
(Optional) The maximum number of available addresses is determined
by the active Switch Database Management (SDM) template. The
default is 1.
(Optional) For trunk ports, you can set the maximum number of secure
MAC addresses on a VLAN. If the vlan keyword is not entered, the
default value is used.
•
vlan—set a per-VLAN maximum value.
•
vlan vlan-list—set a per-VLAN maximum value on a range of
VLANs separated by a hyphen or a series of VLANs separated by
commas. For nonspecified VLANs, the per-VLAN maximum value
is used.
Catalyst 3550 Multilayer Switch Command Reference
switchport port-security
command.
2-589
Advertisement
Chapters
Table of Contents
