Cisco IE-3000-8TC Command Reference Manual page 598
Command reference
Hide thumbs
Also See for IE-3000-8TC:
- Software configuration manual (874 pages) ,
- Administration manual (496 pages) ,
- Message manual (98 pages)
Table of Contents
Advertisement
switchport port-security
Sticky secure MAC addresses have these characteristics:
•
•
•
•
•
Examples
This example shows how to enable port security on a port and to set the maximum number of secure
addresses to 5. The violation mode is the default, and no secure MAC addresses are configured.
Switch(config)# interface gigabitethernet 1/2
Switch(config-if)# switchport mode access
Switch(config-if)# switchport port-security
Switch(config-if)# switchport port-security maximum 5
This example shows how to configure a secure MAC address and a VLAN ID on a port:
Switch(config)# interface gigabitethernet 1/2
Switch(config-if)# switchport mode trunk
Switch(config-if)# switchport port-security
Switch(config-if)# switchport port-security mac-address 1000.2000.3000 vlan 3
This example shows how to enable sticky learning and to enter two sticky secure MAC addresses on a
port:
Switch(config)# interface gigabitethernet 1/2
Switch(config-if)# switchport port-security mac-address sticky
Switch(config-if)# switchport port-security mac-address sticky 0000.0000.4141
Switch(config-if)# switchport port-security mac-address sticky 0000.0000.000f
This example show how to configure a port to shut down only the VLAN if a violation occurs:
Switch(config)# interface gigabitethernet 1/2
Switch(config)# switchport port-security violation shutdown vlan
You can verify your settings by using the show port-security privileged EXEC command.
Cisco IE 3000 Switch Command Reference
2-572
When you enable sticky learning on an interface by using the switchport port-security
mac-address sticky interface configuration command, the interface converts all the dynamic secure
MAC addresses, including those that were dynamically learned before sticky learning was enabled,
to sticky secure MAC addresses and adds all sticky secure MAC addresses to the running
configuration.
If you disable sticky learning by using the no switchport port-security mac-address sticky
interface configuration command or the running configuration is removed, the sticky secure MAC
addresses remain part of the running configuration but are removed from the address table. The
addresses that were removed can be dynamically reconfigured and added to the address table as
dynamic addresses.
When you configure sticky secure MAC addresses by using the switchport port-security
mac-address sticky mac-address interface configuration command, these addresses are added to the
address table and the running configuration. If port security is disabled, the sticky secure MAC
addresses remain in the running configuration.
If you save the sticky secure MAC addresses in the configuration file, when the switch restarts or
the interface shuts down, the interface does not need to relearn these addresses. If you do not save
the sticky secure addresses, they are lost. If sticky learning is disabled, the sticky secure MAC
addresses are converted to dynamic secure addresses and are removed from the running
configuration.
If you disable sticky learning and enter the switchport port-security mac-address sticky
mac-address interface configuration command, an error message appears, and the sticky secure
MAC address is not added to the running configuration.
Chapter 2 IE 3000 Switch Cisco IOS Commands
OL-13019-01
Advertisement
Table of Contents
