Port security, Port security -110 – SMC Networks SMC TigerStack III SMC6824MPE User Manual

C

OMMAND

L

INE

I

NTERFACE

4-110

port security

This command enables or configures port security. Use the no form without
any keywords to disable port security. Use the no form with the appropriate
keyword to restore the default settings for a response to security violation or
for the maximum number of allowed addresses.

Syntax

port security [action {shutdown | trap | trap-and-shutdown}

| max-mac-count address-count]

no port security [action | max-mac-count]

• action - Response to take when port security is violated.

- shutdown - Disable port only.
- trap - Issue SNMP trap message only.
- trap-and-shutdown - Issue SNMP trap message and disable port.

• max-mac-count

address-count - The maximum number of MAC addresses that can be
learned on a port. (Range: 0 - 1024)

Default Setting

• Status: Disabled
• Action: None
• Maximum Addresses: 0

Command Mode

Interface Configuration (Ethernet)

Command Usage

• If you enable port security, the switch will stop dynamically learning new

addresses on the specified port. Only incoming traffic with source
addresses already stored in the dynamic or static address table will be
accepted.

• To use port security, first allow the switch to dynamically learn the

pair for frames received on a port for
an initial training period, and then enable port security to stop address
learning. Be sure you enable the learning function long enough to ensure
that all valid VLAN members have been registered on the selected port.