MNS-BB Software User Guide
22 Drop Log Enable None
23 Disable Log Enable 00:e0:29:6c:a4:fd
24 Drop Log Enable None
25 None None Disable None
Removing a Device from the “Authorized” List for a Port.
This command option removes unwanted devices (MAC addresses) from the Authorized Addresses
list. (An Authorized Address list is available for each port where Learn Mode is set to “Static”.)
To use the CLI to remove a device that is no longer authorized:
Example: suppose port 18 is configured as shown below and you want to remove 00c100-123456
from the Authorized Address list:
LE2425A# show port-security port=18
Port :18
Action :Disable
Signal :Log
Learn Mode :Disable
MAC_Addresses: 00:c1:00:7f:ec:00 00:60:b0:88:9e:00
The following command serves this purpose by removing 00:c1:00:7f:ec:00 from port 18:
LE2425A(port-security)## remove mac=00:c1:00:7f:ec:00 port=18
The above command sequence results in the following configuration for port 18:
LE2425A# show port-security port=18
Port :18
Action :Disable
Signal :Log
Learn Mode :Disable
MAC_Addresses:00:60:b0:88:9e:00
To set the action type of a secured port
Syntax: action port=<num|list|range> type=<none|disable|drop>
This command sets the action type (none, disable or drop) applied to unauthorized devices on secured ports.
LE2425A(port-security)##action port=11 drop
Port security Action type set to Drop on selected port(s)
To set the signal type of a secured port
Syntax: signal port=<num|list|range> <none|log|trap|logandtrap>
This command sets the type of signal (Log, Trap or both) raised for unauthorized devices on secured ports.
LE2425A(port-security)##signal port=11 logandtrap
Port security Signal type set to Log and Trap on selected port(s)
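After a removal, or an action or signal change, the result can be checked by comparing the show port-security output before and after. The following Python sketch is an added example, not part of the original guide: it parses the output format shown above for port 18, confirms that only the intended MAC address left the Authorized Addresses list, and reports a port left with action or signal set to none. The function names are hypothetical; BEFORE and AFTER are copied from the output on this page.

```python
import re

MAC_RE = re.compile(r"(?:[0-9a-f]{2}:){5}[0-9a-f]{2}", re.I)

# Output copied from the page (port 18 before and after the remove command).
BEFORE = """LE2425A# show port-security port=18
Port :18
Action :Disable
Signal :Log
Learn Mode :Disable
MAC_Addresses: 00:c1:00:7f:ec:00 00:60:b0:88:9e:00"""
AFTER = """LE2425A# show port-security port=18
Port :18
Action :Disable
Signal :Log
Learn Mode :Disable
MAC_Addresses:00:60:b0:88:9e:00"""

def parse_port_security(text):
    """Parse one 'show port-security port=N' block into a dict."""
    cfg = {}
    for line in text.splitlines():
        if "#" in line or ":" not in line:
            continue  # skip the prompt/command echo and blank lines
        key, value = line.split(":", 1)
        cfg[key.strip().lower().replace(" ", "_")] = value.strip()
    cfg["macs"] = {m.lower() for m in MAC_RE.findall(cfg.pop("mac_addresses", ""))}
    return cfg

def verify_removal(before, after, mac):
    """Return a list of problems; an empty list means the change is clean."""
    b, a = parse_port_security(before), parse_port_security(after)
    mac, problems = mac.lower(), []
    if mac not in b["macs"]:
        problems.append(f"{mac} was not on the list before the change")
    if mac in a["macs"]:
        problems.append(f"{mac} is still authorized on port {a.get('port')}")
    drift = (b["macs"] - {mac}) ^ a["macs"]  # any other address added or lost
    if drift:
        problems.append(f"unexpected list changes: {sorted(drift)}")
    if a.get("action", "none").lower() == "none":
        problems.append("action is none: unauthorized devices are not blocked")
    if a.get("signal", "none").lower() == "none":
        problems.append("signal is none: violations raise no log or trap")
    return problems

if __name__ == "__main__":
    print(verify_removal(BEFORE, AFTER, "00:c1:00:7f:ec:00") or "removal verified")
```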
6.8 Reading Intrusion Alerts and Resetting Alert Flags
6.8.1 Notice of Security Violations
When the switch detects an intrusion on a port, it sets an “alert flag” for that port and makes the
intrusion information available as described below. When a security violation occurs on a port
configured for Port Security, the switch logs the intruder activity in the event log.
– The show log command displays the Intrusion Log and the Event Log with different options.
6.8.2 How the Intrusion Log Operates
When the switch detects an intrusion attempt on a port, it enters a record of this event in the
Event Log. The Event Log lists the most recently detected security violation attempts, which also
gives you a history of past intrusion attempts.
Example:
S Date Time Log Description