AT-9000 Switch Command Line User’s Guide
Section VIII: Port Security 715
SWITCHPORT PORT-SECURITY VIOLATION
Syntax
switchport port-security violation protect|restrict|
shutdown
Parameters
protect Discards invalid frames. This is the default setting.
restrict Discards invalid frames and sends SNMP traps.
shutdown Sends SNMP traps and disables the ports.
Mode
Port Interface mode
Description
Use this command to specify the intrusion actions of the switch. The
intrusion actions determine how the switch responds when ports that have
learned their maximum number of MAC addresses receive ingress frames
that have unknown source MAC addresses.
Confirmation Command
“SHOW PORT-SECURITY INTERFACE” on page 708
Example
This example sets the intrusion action for port 5 to protect. The port, after
learning its maximum number of MAC addresses, discards all ingress
packets that have unknown MAC addresses:
awplus> enable
awplus# configure terminal
awplus(config)# interface port1.0.5
awplus(config-if)# switchport port-security violation
protect
This example sets the intrusion action for ports 22 to 24 to restrict. After
learning their maximum numbers of MAC addresses, the ports discard
packets with unknown source MAC addresses and the switch sends
SNMP traps:
awplus> enable
awplus# configure terminal
awplus(config)# interface port1.0.22-port1.0.24
To Next Page
Loading...
