Table of Contents
Advertisement
Configuring Port Security
Clearing MAC Addresses
Enter the clear port security command to clear MAC addresses from a list of secure addresses on a port.
Note
If the clear command is executed on a MAC address that is in use, that MAC address may be learned
and made secure again. We recommend that you disable port security before you clear MAC addresses.
To clear all or a particular MAC address from the list of secure MAC addresses, perform this task in
privileged mode:
Task
Clear all or a particular MAC address from the list
of secure MAC addresses.
This example removes one MAC address from the secure address list on port 4/7:
Console> (enable) clear port security 4/7 00-11-22-33-44-55
00-11-22-33-44-55 cleared from secure address list for port 4/7
Console> (enable)
This example removes all MAC addresses from ports 4/5-7:
Console> (enable) clear port security 4/5-7 all
All addresses cleared from secure address list for ports 4/5-7
Console> (enable)
Specifying Security Violation Action
The port can be set for the following two modes to handle a security violation:
•
•
To specify the security violation action to be taken, perform this task in privileged mode:
Task
Set the violation action on a port.
This example sets the port to drop all packets that are coming in on the port from insecure hosts:
Console> (enable) set port security 4/7 violation restrict
Port security violation on port 4/7 will cause insecure packets to be dropped.
Console> (enable)
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
16-6
Shutdown—Shuts down the port permanently or for a specified time. Permanent shutdown is the
default mode.
Restrict—Drops all packets from insecure hosts but remains enabled.
Chapter 16
Command
clear port security mod_num/port_num
{mac_addr | all}
Command
set port security mod_num/port_num violation
{shutdown | restrict}
Configuring Port Security
78-12647-02
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
