message Max bridge entries limit hit on the port # in syslog and/or to shut down the port. For level, the
default value is logging.
When a port-security error occurs, the switch shuts down the port so that no traffic is received by the switch on
this port. You can use the clear command to resolve the port-security error and bring UP the port.
In the WebUI
To configure the maximum number of MAC addresses for a port, perform the following steps:
1. Navigate to Configuration > NETWORK > Ports.
2. Under the Port Selection group, select a port.
3. Under the Configure Selected Port <slot/module/port> group box, enter a value for the Maximum
number of mac address text box. The range of value you can configure for this option must be between
1 and 16,384.
4. Click Apply.
In the CLI
To enable the port-security feature on the switch, execute the following command:
(host) (config) #interface gigabitethernet 0/0/0
(host) (config-if) #switchport port-security maximum <num>
where <num> represents the maximum MAC address range for the port. You can set a value from 1 to 16,384.
You can set the level of security and autorecovery interval using the level and interval parameters,
respectively.
(host) (config-if)#switchport port-security maximum 25 level ?
drop The packet will be dropped on crossing the limit
logging The packet will be dropped and a message will be logged
shutdown The packet will be dropped, message will be logged
and the port will be shutdown
(host) (config-if)#switchport port-security maximum 25 level shutdown interval ?
<seconds> Time in seconds. Supported range (1-65535)
The sample command to set the values for maximum MAC addresses, levels of security for packet handling,
and the autorecovery interval time is as follows:
(host) (config-if) #switchport port-security maximum 20 level shutdown interval 100
The level of security can be set to drop, logging, or shutdown. The default value for level is logging. The
autorecovery interval time (in seconds) to clear the port error must be in the range of 1-65,535.
To disable this port-security feature on the switch, execute the following command:
(host) (config) #interface gigabitethernet 0/0/0
(host) (config-if) #no switchport port-security maximum
To display any port-security error, execute the following command:
(host) #show port status
Port Status
-----------
Slot-Port PortType AdminState OperState PoE Trusted SpanningTree
--------- -------- ---------- --------- --- ------- ------------
0/0/0 GE Enabled Up N/A Yes Forwarding
0/0/1 GE Enabled Down N/A Yes Disabled
0/0/2 GE Enabled Down N/A Yes Disabled
0/0/3 GE Enabled Down N/A Yes Disabled
0/0/4 GE Enabled Down N/A Yes Disabled
0/0/5 GE Enabled Down N/A Yes Disabled
AOS-W 6.5.3.x | User Guide The Basic User-Centric Networks | 41
To Next Page
Loading...