How to configure port security on Cisco Catalyst switches
By Brad Reese on Mon, 02/25/08 - 6:36am.
How to configure port security on Cisco Catalyst switches that run Cisco IOS system software:
Use the port security feature to restrict input to an interface.
This feature limits and identifies MAC addresses of the workstations that can access the port.
When secure MAC addresses are assigned to a secure port, the port does not forward packets with source addresses outside the group of defined addresses.
If a secure port reaches the maximum number of secure MAC addresses, a security violation occurs when a workstation that attempts to access the port has a MAC address different from any of the identified secure MAC addresses.
To enable port security on an interface, issue the switchport port-security command.
Issue the show port-security command to view port-security settings for an interface or for the switch.
These are the guidelines to configure port security:
 |
A secure port cannot be a trunk port. |
|
A secure port cannot be an 802.1X port. |
|
A secure port cannot belong to an EtherChannel port-channel interface. |
|
A secure port and static MAC address configuration are mutually exclusive. |
|
A secure port cannot be a destination port for Switch Port Analyzer (SPAN). |
For step-by-step configuration procedures, refer to these documents:
| Cisco Refurbished Inventory Availability |
- About Brad Reese on Cisco
Brad Reese cofounded BradReese.Com Cisco Refurbished, which enables affordable Cisco networks globally by assuring customer satisfaction with guaranteed one year warranties on both Cisco Repair as well as Refurbished Cisco.
Don't be shy, contact Brad Reese online or call him at 646-827-1130.
Most Discussed Posts
- On The Web
-
Network World, Inc
The Connected Enterprise