Catalyst 4500 Series Switch Cisco IOS Command Reference—Release IOS XE 3.4.0SG and IOS 15.1(2)SG
OL-27596-01
Chapter 2 Cisco IOS Commands for the Catalyst 4500 Series Switches
switchport port-security
Defaults The default settings are as follows:
• Port security is disabled.
• When port security is enabled and no keywords are entered, the default maximum number of secure
MAC addresses is 1.
• Aging is disabled.
• Aging time is 0 minutes.
• All secure addresses on this port age out immediately after they are removed from the secure address
list.
Command Modes Interface configuration mode
Command History
Usage Guidelines After you set the maximum number of secure MAC addresses that are allowed on a port, you can add
secure addresses to the address table by manually configuring them, by allowing the port to dynamically
configure them, or by configuring some MAC addresses and allowing the rest to be dynamically
configured.
Packets are dropped in hardware when the address table already holds the maximum number of secure
MAC addresses and a station whose MAC address is not in the address table attempts to access
the interface.
If you enable port security on a voice VLAN port and a PC is connected to the IP phone, set
the maximum allowed secure addresses on the port to more than 1.
You cannot configure static secure MAC addresses in the voice VLAN.
A secure port has the following limitations:
• A secure port cannot be a dynamic access port or a trunk port.
• A secure port cannot be a routed port.
• A secure port cannot be a protected port.
shutdown        (Optional) Sets the security violation shutdown mode. In this mode, a
                port security violation causes the interface to immediately become
                error-disabled.
shutdown vlan   (Optional) Sets the security violation mode to per-VLAN shutdown. In
                this mode, only the VLAN on which the violation occurred is
                error-disabled.
Release       Modification
12.1(13)EW    Support for this command was introduced on the Catalyst 4500 series switch.
12.1(19)EW    Extended to include DHCP snooping security enhancement.
12.2(18)EW    Added support for sticky interfaces.
12.2(31)SG    Added support for sticky port security.
12.2(52)SG    Added support for per-VLAN error-disable detection.