Configuring Port Security
Committing the Changes, on page 267
Copying the Port Security Database, on page 273
Disabling Auto-Learning, on page 261
Enabling Port Security, on page 257
Enabling Port Security Distribution, on page 266
Configuring Port Security with Auto-Learning without CFS
You can configure port security using auto-learning without Cisco Fabric Services (CFS).
Step 1
Enable port security.
Step 2
Activate port security on each VSAN, which turns on auto-learning by default.
Step 3
Wait until all switches and all hosts are automatically learned.
Step 4
Disable auto-learning on each VSAN.
Step 5
Copy the active database to the configured database on each VSAN.
Step 6
Copy the running configuration to the startup configuration, which saves the port security configuration database to the
startup configuration.
Step 7
Repeat the above steps for all switches in the fabric.
Related Topics
Activating Port Security, on page 257
Copying the Port Security Database, on page 273
Disabling Auto-Learning, on page 261
Enabling Port Security, on page 257
Configuring Port Security with Manual Database Configuration
You can configure port security and manually configure the port security database.
Step 1
Enable port security.
Step 2
Manually configure all port security entries into the configured database on each VSAN.
Step 3
Activate port security on each VSAN. This action turns on auto-learning by default.
Step 4
Disable auto-learning on each VSAN.
Step 5
Copy the running configuration to the startup configuration, which saves the port security configuration database to the
startup configuration.
Step 6
Repeat the above steps for all switches in the fabric.
Cisco Nexus 5000 Series NX-OS SAN Switching Configuration Guide, Release 5.2(1)N1(1)
256
Configuring Port Security
OL-27583-01