Cisco Catalyst 4500 Series Software Configuration Manual page 1477
Cisco ios xe release 3.9.xe and cisco ios release 15.2(5)ex
Hide thumbs
Also See for Catalyst 4500 Series:
- Administration manual (1814 pages) ,
- Configuration manual (1610 pages) ,
- Command reference manual (1230 pages)
Table of Contents
Advertisement
Chapter 55
Configuring Port Security
Figure 55-1
Dynamic addresses secured on an isolated private VLAN host port on private VLANs are secured on the
Note
secondary VLANs, and not primary VLANs.
To configure port security on an isolated private VLAN host port, perform this task:
Command
Step 1
Switch# configure terminal
Step 2
Switch(config)# vlan sec_vlan_id
Step 3
Switch(config-vlan)# private-vlan isolated
Step 4
Switch(config-vlan)# exit
Step 5
Switch(config)# vlan pri_vlan_id
Step 6
Switch(config-vlan)# private-vlan primary
Step 7
Switch(config-vlan)# private-vlan association
add sec_vlan_id
Step 8
Switch(config-vlan)# exit
Step 9
Switch(config)# interface interface_id
Step 10
Switch(config-if)# switchport mode private-vlan
host
Step 11
Switch(config-if)# switchport private-vlan
host-association primary_vlan secondary_vlan
Step 12
Switch(config-if)# [no] switchport port-security
Step 13
Switch(config-if)# end
Step 14
Switch# show port-security address
interface interface_id
Switch# show port-security address
Port Security on Isolated Private VLAN Host Ports
Layer 2 switch
Promiscuous port
a
b
X
PC
PC
Catalyst 4500 Series Switch, Cisco IOS Software Configuration Guide - Cisco IOS XE 3.9.xE and IOS 15.2(5)Ex
Router
Port security
implemented on
isolated VLAN
host ports a and b
Purpose
Enter global configuration mode.
Specifies a secondary VLAN.
Sets the private VLAN mode to isolated.
Returns to global configuration mode.
Specifies a primary VLAN.
Specifies the VLAN as the primary private VLAN.
Creates an association between a secondary VLAN and a
primary VLAN.
Returns to global configuration mode.
Enters interface configuration mode and specifies the
physical interface to configure.
Specifies that the ports with a valid private VLAN trunk
association become active host private VLAN trunk ports.
Establishes a host association on an isolated host port.
Enables port security on the interface.
Returns to privileged EXEC mode.
Verifies your entries.
Configuring Port Security on PVLAN Ports
55-15
Advertisement
Chapters
Table of Contents
Troubleshooting
