Configuring port security, Understanding port security – IBM 12.1(22)EA6 User Manual
Page 310
15-4
Cisco Systems Intelligent Gigabit Ethernet Switch Modules for the IBM BladeCenter, Software Configuration Guide
24R9746
Chapter 15 Configuring Port-Based Traffic Control
Configuring Port Security
Beginning in privileged EXEC mode, follow these steps to define a port as a protected port:
To disable protected port, use the no switchport protected interface configuration command.
This example shows how to configure a port as a protected port:
Switch# configure terminal
Switch(config)# interface gigabitethernet0/17
Switch(config-if)# switchport protected
Switch(config-if)# end
Configuring Port Security
Note
You cannot configure port security on the internal 100 Mbps management module ports.
You can use the port security feature to restrict input to an interface by limiting and identifying MAC
addresses of the stations allowed to access the port. When you assign secure MAC addresses to a secure
port, the port does not forward packets with source addresses outside the group of defined addresses.
This section includes information about these topics:
•
Understanding Port Security, page 15-4
•
Default Port Security Configuration, page 15-6
•
Port Security Configuration Guidelines, page 15-6
•
Enabling and Configuring Port Security, page 15-7
•
Enabling and Configuring Port Security Aging, page 15-9
Understanding Port Security
This section includes information about:
•
Secure MAC Addresses, page 15-5
•
Security Violations, page 15-5
Command
Purpose
Step 1
configure terminal
Enter global configuration mode.
Step 2
interface interface-id
Specify the interface to configure, and enter interface
configuration mode.
Step 3
switchport protected
Configure the interface to be a protected port.
Step 4
end
Return to privileged EXEC mode.
Step 5
show interfaces interface-id switchport
Verify your entries.
Step 6
copy running-config startup-config
(Optional) Save your entries in the configuration file.