avaya.com
We are going to retrieve the running-config of the switch via a Telnet or SSH connection then edit the
MAC Security learned MAC addresses in a text editor to point to our Security Lists instead of the ethernet
ports and then re-inject the MAC list to the switch config.
Disable MAC security learning mode
Avaya-ERS-Switch(config)# mac-security learning disable
From a Telnet/SSH connection save the portion in red of the running-config to a text file
Avaya-ERS-Switch#% show running-config
! Embedded ASCII Configuration Generator Script
! Model = Ethernet Routing Switch 4826GTS-PWR+
! Software version = v5.6.1.053
!
! Displaying only parameters different to default
!================================================
enable
configure terminal
[...]
!
! *** MAC-Based Security ***
!
mac-security security-list 1 1-10
mac-security security-list 2 11-20
mac-security enable
mac-security mac-address-table address 00.0f.b5.08.2f.bb port 1
mac-security mac-address-table address 00.0f.b5.08.32.9f port 2
mac-security mac-address-table address 00.c0.95.c8.ff.12 port 11
mac-security mac-address-table address 00.c0.95.c8.9a.62 port 12
[...]
In a text editor, replace all occurrences of "port 1-10" with "security-list 1" & "port 11-20" with
"security-list 2"
File maclist.txt before:
configure terminal
mac-security mac-address-table address 00.0f.b5.08.2f.bb port 1
mac-security mac-address-table address 00.0f.b5.08.32.9f port 2
mac-security mac-address-table address 00.c0.95.c8.ff.12 port 11
mac-security mac-address-table address 00.c0.95.c8.9a.62 port 12
end
Avaya Inc. – Internal Distribution
November 2010
65