beautypg.com

Igure, 63 – removing a mac address from port security, 64 – setting the logging on a port – GarrettCom MNS-6K 4.1.4 User Manual

Page 95

background image

M A G N U M 6 K S W I T C H E S , M N S - 6 K U S E R G U I D E

00:07:50:ef:31:40

00:e0:29:22:15:85

00:03:47:ca:ac:45

00:30:48:70:71:23

00:c1:00:7f:ec:00

11

ENABLE NONE

NONE

ENABLE

0 00:c1:00:7f:ec:00

13

ENABLE NONE

NONE

DISABLE

0 00:c1:00:7f:ec:00

F

IGURE

62 – Allowing specific MAC address on specific ports. After the MAC address is specified, the

port or specific ports or a range of ports can be queried as shown

Magnum6K25(port-security)##

remove mac=00:c1:00:7f:ec:00 port=13

Specified MAC address(es) removed from selected port(s)

Magnum6K25(port-security)##

show port-security port=13

PORT

STATE SIGNAL

ACTION LEARN COUNT MAC ADDRESS

--------

---------- -----------

----------- ---------- ---------- ----------------------

13

ENABLE LOG

NONE

ENABLE

0

Not Configured


Magnum6K25(port-security)##

F

IGURE

63 – Removing a MAC address from port security

Magnum6K25(port-security)##

signal port=11 logandtrap

Port security Signal type set to Log and Trap on selected port(s)

F

IGURE

64Setting the logging on a port

The figures listed above show the necessary commands to setup port security. The
recommended steps to setup security are:
1) Set the MNS-6K software to allow port security commands (Use ‘port-security’

command)

2) Enable port security (Use ‘enable ps’ command)
3) Enable learning on the required ports (Use ‘learn port=11 enable’ command for port 11)
4) Verify learning is enables and MAC addresses are being learnt on required ports (Use

‘show port-security port=11’ command)

5) Save the port-security configuration (Use ‘save’ command)
6) Disable learning on required ports (Use ‘learn port=11,15 disable’ command)
7) (Optional step) Add any specific MAC addresses, if needed, to allow designated devices to

access the network (Use ‘add mac=00:c1:00:7f:ec:00 port=11,15’ command)

8) Disable access to the network for unauthorized devices (Use ‘action port=11

depending on whether the port should be disabled or the packed
dropped. Follow that with a ‘show port-security’ command to verify the setting)

94

This manual is related to the following products:
See also other documents in the category GarrettCom Computer Accessories: