Port security commands, Port security, Table 4-31 – LevelOne GSW-2692 User Manual


Authentication Commands


Port Security Commands

These commands can be used to enable port security on a port. When using port
security, the switch stops learning new MAC addresses on the specified port when it
has reached a configured maximum number. Only incoming traffic with source
addresses already stored in the dynamic or static address table for this port will be
authorized to access the network. The port will drop any incoming frames with a
source MAC address that is unknown or has been previously learned from another
port. If a device with an unauthorized MAC address attempts to use the switch port,
the intrusion will be detected and the switch can automatically take action by
disabling the port and sending a trap message.
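The learning, drop and violation behaviour described above, modelled in Python as an added example (it is not code from the manual or from the switch). The class and method names, port identifiers and MAC addresses are constructed, and two points are assumptions: static entries do not count toward the limit, and a shut-down port stays disabled until it is re-enabled.

```python
# Simplified model of the port security behaviour described above.
# Not switch firmware; names, ports and MAC addresses are constructed.
ACTIONS = ("none", "shutdown", "trap", "trap-and-shutdown")

class Switch:
    def __init__(self):
        self.ports = {}   # port -> {"max", "action", "up", "count"}
        self.table = {}   # MAC -> port that owns it (dynamic or static entry)
        self.traps = []   # (port, offending MAC) for each trap sent

    def secure_port(self, port, max_mac_count, action="none"):
        if action not in ACTIONS or not 0 <= max_mac_count <= 1024:
            raise ValueError("invalid action or address count (range 0-1024)")
        self.ports[port] = {"max": max_mac_count, "action": action,
                            "up": True, "count": 0}

    def add_static(self, port, mac):
        # Static entry: authorized on this port without being learned.
        # Assumption: it does not count toward max-mac-count.
        self.table[mac.lower()] = port

    def receive(self, port, src_mac):
        cfg, mac = self.ports[port], src_mac.lower()
        if not cfg["up"]:
            return "port-disabled"   # assumption: stays down until re-enabled
        owner = self.table.get(mac)
        if owner == port:
            return "forward"         # already in the table for this port
        if owner is None and cfg["count"] < cfg["max"]:
            self.table[mac] = port   # still below the limit: learn it
            cfg["count"] += 1
            return "learn"
        # Unknown source at the limit, or a MAC owned by another port.
        if "trap" in cfg["action"]:
            self.traps.append((port, mac))
        if "shutdown" in cfg["action"]:
            cfg["up"] = False
        return "drop"

def demo():
    sw = Switch()
    sw.secure_port("1/5", 2, "trap-and-shutdown")
    sw.secure_port("1/6", 2, "trap")
    frames = [("1/5", "00:11:22:33:44:01"), ("1/5", "00:11:22:33:44:02"),
              ("1/5", "00:11:22:33:44:01"), ("1/6", "00:11:22:33:44:01"),
              ("1/5", "00:11:22:33:44:03"), ("1/5", "00:11:22:33:44:01")]
    return [sw.receive(p, m) for p, m in frames], sw

if __name__ == "__main__":
    results, sw = demo()
    print(results, sw.traps)
```

With the trap action alone the port keeps forwarding for its known addresses after a violation, while trap-and-shutdown also cuts off the legitimate hosts on that port.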

port security

This command enables or configures port security. Use the no form without any
keywords to disable port security. Use the no form with the appropriate keyword to
restore the default setting for the response to a security violation or for the
maximum number of allowed addresses.

Syntax

port security [action {shutdown | trap | trap-and-shutdown} | max-mac-count address-count]

no port security [action | max-mac-count]

• action - Response to take when port security is violated.

  - shutdown - Disable port only.
  - trap - Issue SNMP trap message only.
  - trap-and-shutdown - Issue SNMP trap message and disable port.

• max-mac-count

  - address-count - The maximum number of MAC addresses that can be learned on a port. (Range: 0-1024)

Default Setting

• Status: Disabled
• Action: None
• Maximum Addresses: 0

Command Mode

Interface Configuration (Ethernet)

Table 4-31 Port Security Commands

Command                    Function                                             Mode   Page
port security              Configures a secure port                             IC     4-79
mac-address-table static   Maps a static address to a port in a VLAN            GC     4-134
show mac-address-table     Displays entries in the bridge-forwarding database   PE     4-135