PurposeCommand or Action
Disables auto-learning and stops the switch from learning about
new devices that access the switch. This command enforces
no port-security auto-learn vsan vsan-id
Example:
switch(config)# no port-security auto-learn
vsan 23
Step 2
the database contents based on the devices learned up to this
point.
Auto-Learning Device Authorization
The following table summarizes the authorized connection conditions for device requests.
Table 33: Authorized Auto-Learning Device Requests
AuthorizationRequests Connection toDevice (pWWN, nWWN,
sWWN)
Condition
PermittedA configured switch portConfigured with one or
more switch ports
1
DeniedAny other switch port2
Permitted if auto-learning
enabled
A switch port that is not
configured
Not configured3
Denied if auto-learning
disabled
4
PermittedA switch port that allows
any device
Configured or not
configured
5
PermittedAny port on the switchConfigured to log in to
any switch port
6
DeniedA port configured with
some other device
Not configured7
Authorization Scenario
Assume that the port security feature is activated and the following conditions are specified in the active
database:
•
A pWWN (P1) is allowed access through interface fc2/1 (F1).
•
A pWWN (P2) is allowed access through interface fc2/2 (F1).
•
A nWWN (N1) is allowed access through interface fc2/2 (F2).
•
Any WWN is allowed access through interface vfc3/1 (F3).
Cisco Nexus 5000 Series NX-OS SAN Switching Configuration Guide, Release 5.2(1)N1(1)
262 OL-27583-01
Configuring Port Security
Auto-Learning
To Next Page
Loading...
