Port Security Activation - Cisco DS-X9530-SF1-K9 - Supervisor-1 Module - Control Processor Configuration Manual

Port Security Activation

S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m .
To configure port security, follow these steps:
Command
Step 1
switch# config t
switch(config)#
Step 2
switch(config)# port-security database vsan 1
switch(config-port-security)#
switch(config)# no port-security database vsan 1
switch(config)#
Step 3
switch(config-port-security)# swwn
20:01:33:11:00:2a:4a:66 interface port-channel 5
switch(config-port-security)# any-wwn interface
fc1/1 - fc1/8
switch(config-port-security)# pwwn
20:11:00:33:11:00:2a:4a fwwn
20:81:00:44:22:00:4a:9e
switch(config-port-security)# no pwwn
20:11:00:33:11:00:2a:4a fwwn
20:81:00:44:22:00:4a:9e
switch(config-port-security)# nwwn
26:33:22:00:55:05:3d:4c fwwn
20:81:00:44:22:00:4a:9e
switch(config-port-security)# pwwn
20:11:33:11:00:2a:4a:66
switch(config-port-security)# pwwn
20:11:33:11:00:2a:4a:66 swwn
20:00:00:0c:85:90:3e:80
switch(config-port-security)# pwwn
20:11:33:11:00:2a:4a:66 swwn
20:00:00:0c:85:90:3e:80 interface fc3/1
switch(config-port-security)# any-wwn interface
fc3/1
switch(config-port-security)# no any-wwn interface
fc2/1
Port Security Activation
By default, the port security feature is not activated in any switch in the Cisco MDS 9000 Family.
When you activate the port security feature, the following apply:
•
•
•
After the database is activated, subsequent device login is subject to the activated port bound WWN
pairs.
Cisco MDS 9000 Family Configuration Guide
32-4
Auto-learning is also automatically enabled. When auto-learning is enabled, the following apply:
From this point, learning happens only for the devices or interfaces that were not activated.
–
You will not be allowed to activate the database till you disable learning.
–
All the logged-in devices are learned and are added to the active database
All entries in the configured database are copied to the active database.
Chapter 32 Configuring Port Security
Purpose
Enters configuration mode.
Enters the port security database mode for
the specified VSAN.
Deletes the port security configuration
database from the specified VSAN.
Configures the specified sWWN to only
log in through PortChannel 5.
Configures any WWN to log in through
the specified interfaces.
Configures the specified pWWN to only
log in through the specified fWWN.
Deletes the specified pWWN configured
in the previous step.
Configures the specified nWWN to log in
through the specified fWWN.
Configures the specified pWWN to log in
through any port in the fabric.
Configures the specified pWWN to log in
through any interface in the specified
switch.
Configures the specified pWWN to log in
through the specified interface in the
specified switch
Configures any WWN to log in through
the specified interface in any switch.
Deletes the wildcard configured in the
previous step.
OL-6973-03, Cisco MDS SAN-OS Release 2.x