C613-50631-01 Rev A Command Reference for IE340 Series 625
AlliedWare Plus™ Operating System - Version 5.5.3-0.x
SWITCHING COMMANDS
SWITCHPORT
PORT-SECURITY AGING
switchport port-security aging
Overview Use this command to set MAC addresses that have been learned by port security
to age out.
Use the no variant of this command to set the MAC addresses to not age out.
Syntax
switchport port-security aging
no switchport port-security aging
Default Disabled (MAC addresses do not age out)
Mode Interface Configuration for a switchport.
Usage notes Use this command to change from static to dynamic operation.
Static operation
Any MAC address learned will be statically installed into the MAC Address table
and will not age out. The addresses are also added to the device’s running
configuration. Each entry then counts towards the maximum allowed addresses,
regardless of whether the device is still connected.
Use this if you want to allow only specific devices to access the port. For example,
this can prevent a person from plugging an unauthorized laptop into your
corporate LAN.
This is the default mode.
Dynamic operation
Any MAC addresses learned will be dynamically installed into the MAC Address
table. Unlike the static operation, no MAC addresses are added to the device’s
running configuration. If a device is disconnected, the Maximum MAC addresses
allowed decreases by 1 (once the dynamic entry times out in the MAC Address
table).
Use this if you want to allow only a limited number of devices to access the port,
but you are not concerned about which specific devices have access. For example,
this can prevent a person from plugging a switch into a port and creating an
unauthorized internet cafe.
Examples To choose dynamic mode by setting port1.0.2 so that the MAC addresses that have
been learned by port security age out, use the following commands:
awplus# configure terminal
awplus(config)# interface port1.0.2
awplus(config-if)# switchport port-security aging
To Next Page
Loading...
Need help?
General
