50-2
Software Configuration Guide—Release IOS XE 3.6.0E and IOS 15.2(2)E
OL-30933-01
Chapter 50 Configuring Auto Security
Configuring Auto Security
DHCP Snooping
Auto Security (AS) enables DHCP Snooping globally (with the ip dhcp snooping command) and also
on VLANs 2-1005 (with the ip dhcp snooping vlan vlanid command).
AS configures trunk or DHCP server-facing port(s) as trusted (with the ip dhcp-snooping trust
command).
Dynamic ARP Inspection
AS enables this feature globally on all VLANs present on the switch (with the ip arp inspection vlan
vlanid) command.
AS configures the trunk port as trusted (with the ip arp inspection trust command).
Port Security
AS enables this feature on all the switch’s access ports (with the switchport port-security command).]
Configuring Auto Security
Enabling auto security globally
To enable auto security globally, perform this task:
This example shows how to enable auto security globally:
Switch(config)# auto security
Switch# show running-config | i security
auto security
Relevant baseline security feature CLI as shown in the output of the show auto security command is
applied on or removed from access and trunk ports.
Command Purpose
Step 1
Switch# configure terminal
Enters global configuration mode.
Step 2
Switch(config)# auto security
Enables auto security globally.
Step 3
Switch(config)# end
Returns to privileged EXEC mode.
Step 4
Switch# show running-config | i security
(Optional) Saves your entries in the configuration file.
To Next Page
Loading...
Need help?
General
