Chapter 38
Configuring Port Security
Setting the Shutdown Timeout
You can set the time that a port remains disabled in case of a security violation. By default, the port is
shut down permanently. The valid range is from 1–1440 minutes.
If the time is set to zero, the shutdown is disabled for this port.
When the shutdown timeout expires, the port is reenabled and all port security-related configuration is
Note
maintained.
To set the shutdown timeout, perform this task in privileged mode:
Task
Set the shutdown timeout on a port.
This example shows how to set the shutdown timeout to 600 minutes on port 7/7:
Console> (enable) set port security 7/7 shutdown 600
Secure address shutdown time set to 600 minutes for port 7/7.
Console> (enable)
Disabling Port Security
To disable port security, perform this task in privileged mode:
Task
Step 1
Disable port security on the desired ports.
Step 2
Verify the configuration.
This example shows how to disable port security:
Console> (enable) set port security 2/1 disable
Port 2/1 port security disabled.
Console> (enable)
Console> (enable) show port security 2/1
Port
----- -------- --------- ------------- -------- -------- -------- -------
3/24 disabled
Port
----- -------- ----------------- -------- ----------------- ------------------
3/24
Console> (enable)
OL-8978-04
Security Violation Shutdown-Time Age-Time Max-Addr Trap
restrict
Num-Addr Secure-Src-Addr
1 00-e0-4f-ac-b4-00
Command
set port security mod/port shutdown time
Command
set port security mod/port disable
show port security [mod/port]
20
300
Age-Left Last-Src-Addr
-
Catalyst 6500 Series Switch Software Configuration Guide—Release 8.7
Configuring Port Security on the Switch
IfIndex
10 disabled
921
Shutdown/Time-Left
-
-
-
38-11