Catalyst 2950 Desktop Switch Software Configuration Guide
78-11380-03
Chapter 10 Configuring the Switch Ports
Beginning in privileged EXEC mode, follow these steps to define a port as a protected port:

        Command                      Purpose
Step 1  configure terminal           Enter global configuration mode.
Step 2  interface interface          Enter interface configuration mode, and enter the port to be configured.
Step 3  switchport protected         Enable protected port on the port.
Step 4  end                          Return to privileged EXEC mode.
Step 5  show interfaces switchport   Verify that the protected port option is enabled.

Use the no version of the switchport protected interface configuration command to disable the protected port option.

Enabling Port Security

Secured ports restrict a port to a user-defined group of stations. When you assign secure addresses to a secure port, the switch does not forward any packets with source addresses outside the defined group of addresses. If you define the address table of a secure port to contain only one address, the workstation or server attached to that port is guaranteed the full bandwidth of the port. As part of securing the port, you can also define the size of the address table for the port.

Note  Port security can only be configured on static access ports.

Secured ports generate address-security violations under these conditions:
• The address table of a secured port is full, and the address of an incoming packet is not found in the table.
• An incoming packet has a source address assigned as a secure address on another port.

Limiting the number of devices that can connect to a secure port has these advantages:
• Dedicated bandwidth—If the size of the address table is set to 1, the attached device is guaranteed the full bandwidth of the port.
• Added security—Unknown devices cannot connect to the port.

These options validate port security or show security violations:
Interface         Port to secure.
Security          Enable port security on the port.
Trap              Issue a trap when an address-security violation occurs.
Shutdown Port     Disable the port when an address-security violation occurs.
Secure Addresses  Number of addresses in the secure address table for this port. Secure ports have at least one address.
Max Addresses     Number of addresses that the secure address table for the port can contain.
Security Rejects  Number of unauthorized addresses seen on the port.
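
The two violation conditions and the Trap, Shutdown Port and Security Rejects options can be traced with a small model. This is an added example, not Cisco code or part of the original guide. The class and field names, the port names and the sample frames are constructed, and learning a new address while the table has room is an assumption of the model.

```python
"""Added illustration: toy model of the secure-port rules described above (not Cisco code)."""
from dataclasses import dataclass, field


@dataclass
class SecurePort:
    name: str
    max_addresses: int = 1            # "Max Addresses"
    trap: bool = True                 # "Trap"
    shutdown_port: bool = False       # "Shutdown Port"
    secure: set = field(default_factory=set)    # "Secure Addresses"
    rejected: set = field(default_factory=set)  # len() models "Security Rejects"
    enabled: bool = True


class Switch:
    def __init__(self, ports):
        self.ports = {p.name: p for p in ports}
        self.traps = []               # (port, source address, reason)

    def receive(self, port_name, src):
        """Classify one frame: 'forward', 'violation' or 'port-down'."""
        port, src = self.ports[port_name], src.lower()
        if not port.enabled:
            return "port-down"
        if src in port.secure:
            return "forward"
        elsewhere = any(src in p.secure for p in self.ports.values() if p is not port)
        full = len(port.secure) >= port.max_addresses
        if not (elsewhere or full):
            port.secure.add(src)      # assumption: learn while the table has room
            return "forward"
        port.rejected.add(src)
        if port.trap:
            reason = "secure on another port" if elsewhere else "table full"
            self.traps.append((port.name, src, reason))
        if port.shutdown_port:
            port.enabled = False
        return "violation"


def demo():
    """Replay constructed frames (RFC 7042 documentation MACs, made-up port names)."""
    sw = Switch([SecurePort("Fa0/1", 1, shutdown_port=True), SecurePort("Fa0/2", 2)])
    frames = [("Fa0/1", "00:00:5E:00:53:01"), ("Fa0/2", "00:00:5E:00:53:01"),
              ("Fa0/2", "00:00:5E:00:53:02"), ("Fa0/1", "00:00:5E:00:53:03"),
              ("Fa0/1", "00:00:5E:00:53:01")]
    return sw, [sw.receive(p, m) for p, m in frames]


if __name__ == "__main__":
    print(demo()[1])
```

In the replay, the second frame is rejected because its source address is already secure on another port, and the fourth because the one-entry table is full, which also shuts the port down so the legitimate station on it loses connectivity until the port is re-enabled.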