Configuring Port Security With Auto-Learning Without Cfs; Configuring Port Security With Manual Database Configuration - Cisco AP776A - Nexus Converged Network Switch 5020 Configuration Manual
Cisco mds 9000 family cli configuration guide - release 4.x (ol-18084-01, february 2009)
Hide thumbs
Also See for AP776A - Nexus Converged Network Switch 5020:
- Command reference manual (1640 pages) ,
- Configuration manual (1486 pages) ,
- Reference (886 pages)
Table of Contents
Advertisement
Port Security Configuration Guidelines
S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m
Step 3
Activate port security on each VSAN. This turns on auto-learning by default. See the
Security" section on page
Issue a CFS commit to copy this configuration to all switches in the fabric. See the
Step 4
Changes" section on page
Wait until all switches and all hosts are automatically learned.
Step 5
Disable auto-learn on each VSAN. See
Step 6
Issue a CFS commit to copy this configuration to all switches in the fabric. See the
Step 7
Changes" section on page
into a static active database that is distributed to all switches.
Copy the active database to the configure database on each VSAN. See the
Step 8
Copy" section on page
Issue a CFS commit to copy this configuration to all switches in the fabric. See the
Step 9
Changes" section on page
the fabric.
Copy the running configuration to the startup configuration, using the fabric option. This saves the port
Step 10
security configure database to the startup configuration on all switches in the fabric.
Configuring Port Security with Auto-Learning without CFS
To configure port security using auto-learning without CFS, follow these steps:
Step 1
Enable port security. See the
Step 2
Activate port security on each VSAN. This turns on auto-learning by default. See the
Security" section on page
Wait until all switches and all hosts are automatically learned.
Step 3
Step 4
Disable auto-learn on each VSAN. See the
Step 5
Copy the active database to the configure database on each VSAN. See the
Copy" section on page
Copy the running configuration to the startup configuration This saves the port security configure
Step 6
database to the startup configuration.
Repeat
Step 7
Configuring Port Security with Manual Database Configuration
To configure port security and manually configure the port security database, follow these steps:
Enable port security. See the
Step 1
Manually configure all port security entries into the configure database on each VSAN. See the
Step 2
Security Manual Configuration" section on page
Cisco MDS 9000 Family CLI Configuration Guide
39-4
39-5.
39-12. At this point, all switches are activated, and auto-learning.
39-12. At this point, the auto-learned entries from every switch are combined
39-16.
39-12. This ensures that the configure database is the same on all switches in
"Enabling Port Security" section on page
39-5.
39-16.
Step 1
through
Step 6
for all switches in the fabric.
"Enabling Port Security" section on page
the"Disabling Auto-learning" section on page
"Disabling Auto-learning" section on page
39-10.
Chapter 39
Configuring Port Security
"Activating Port
"Committing the
39-8.
"Committing the
"Port Security Database
"Committing the
39-5.
"Activating Port
39-8.
"Port Security Database
39-5.
OL-18084-01, Cisco MDS NX-OS Release 4.x
"Port
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
