EdgeSwitch CLI Command Reference
Port Security Commands
This section describes the command you use to configure Port Security on the switch . Port security, which is also
known as port MAC locking, allows you to secure the network by locking allowable MAC addresses on a given
port . Packets with a matching source MAC address are forwarded normally, and all other packets are discarded .
Note:
To enable the SNMP trap specific to port security, see "snmp-server enable traps violation" on
page 73 .
port-security
This command enables port locking on an interface, a range of interfaces, or at the system level .
Default
disabled
port-security
Format
Mode
• Global Config (to enable port locking globally)
• Interface Config (to enable port locking on an interface or range of interfaces)
no port-security
This command disables port locking for one (Interface Config) or all (Global Config) ports .
no port-security
Format
Mode
• Global Config
• Interface Config
port-security max-dynamic
This command sets the maximum number of dynamically locked MAC addresses allowed on a specific port . The
valid range is 0–600 .
Default
600
port-security max-dynamic maxvalue
Format
Mode
Interface Config
no port-security max-dynamic
This command resets the maximum number of dynamically locked MAC addresses allowed on a specific port to
its default value .
no port-security max-dynamic
Format
Mode
Interface Config
port-security max-static
This command sets the maximum number of statically locked MAC addresses allowed on a port . The valid range
is 0–20 .
Default
1
port-security max-static maxvalue
Format
Mode
Interface Config
no port-security max-static
This command sets maximum number of statically locked MAC addresses to the default value .
no port-security max-static
Format
Mode
Interface Config
Ubiquiti Networks, Inc.
Switching Commands
290