Chapter 59: MAC Address-based Port Security Commands
890
SWITCHPORT PORT-SECURITY VIOLATION
Syntax
switchport port-security violation
protect|restrict|
shutdown
Parameters
protect
Discards invalid frames. This is the default setting.
restrict
Discards invalid frames and sends SNMP traps.
shutdown
Sends SNMP traps and disables the ports.
Mode
Port Interface mode
Description
Use this command to specify the intrusion actions of the switch. The
intrusion actions determine how the switch responds when ports that have
learned their maximum number of MAC addresses receive ingress frames
that have unknown source MAC addresses.
The no form of this command, NO SWITCHPORT PORT-SECURITY
VIOLATION, returns the value to protect which is the default setting.
Confirmation Command
“SHOW PORT-SECURITY INTERFACE” on page 882
Examples
This example sets the intrusion action for port 5 to protect. The port, after
learning its maximum number of MAC addresses, discards all ingress
packets that have unknown MAC addresses:
awplus> enable
awplus# configure terminal
awplus(config)# interface port1.0.5
awplus(config-if)# switchport port-security violation
protect
To Next Page
Loading...
