C
L
OMMAND
INE
Port Security Commands
These commands can be used to disable the learning function or manually
specify secure addresses for a port. You may want to leave port security off
for an initial training period (i.e., enable the learning function) to register
all the current VLAN members on the selected port, and then enable port
security to ensure that the port will drop any incoming frames with a
source MAC address that is unknown or has been previously learned from
another port.
Command
port security
mac-address-table static Maps a static address to a port in a
show mac-address-table Displays entries in the
port security
This command enables or configures port security. Use the no form
without any keywords to disable port security. Use the no form with the
appropriate keyword to restore the default settings for a response to
security violation or for the maximum number of allowed addresses.
Syntax
port security [action {shutdown | trap | trap-and-shutdown}
| max-mac-count address-count]
no port security [action | max-mac-count]
• action - Response to take when port security is violated.
• shutdown - Disable port only.
• trap - Issue SNMP trap message only.
• trap-and-shutdown - Issue SNMP trap message and disable port.
• max-mac-count
• address-count - The maximum number of MAC addresses that can be
learned on a port. (Range: 0 - 20)
4-102
I
NTERFACE
Table 4-30 Port Security Commands
Function
Configures a secure port
VLAN
bridge-forwarding database
Mode Page
IC
4-102
GC
4-201
PE
4-203