PurposeCommand or Action
Disables sticky MAC address learning on the interface,
which converts any sticky secure MAC addresses on the
interface to dynamic secure MAC addresses.
no switchport port-security mac-address sticky
Example:
switch(config-if)# no switchport port-security
mac-address sticky
Step 3
Removes the dynamic secure MAC address that you specify.
clear port-security dynamic address address
Example:
Step 4
switch(config-if)# clear port-security dynamic
address 0019.D2D0.02GD
Displays secure MAC addresses. The address that you
removed should not appear.
(Optional) show port-security address interface
{ethernet slot/port | port-channel channel-number}
Example:
Step 5
switch(config)# show port-security address
interface ethernet 2/1
Enables sticky MAC address learning again on the interface.(Optional) switchport port-security mac-address sticky
Example:
Step 6
switch(config-if)# switchport port-security
mac-address sticky
Removing a Dynamic Secure MAC Address
You can remove dynamically learned, secure MAC addresses.
Before you begin
You must have enabled port security globally.
SUMMARY STEPS
1. configure terminal
2. clear port-security dynamic {interface ethernet slot/port | address address} [vlan vlan-ID]
3. (Optional) show port-security address
4. (Optional) copy running-config startup-config
DETAILED STEPS
PurposeCommand or Action
Enters global configuration mode.configure terminal
Example:
Step 1
switch# configure terminal
switch(config)#
Removes dynamically learned, secure MAC addresses, as
specified.
clear port-security dynamic {interface ethernet slot/port
| address address} [vlan vlan-ID]
Step 2
Cisco Nexus 9000 Series NX-OS Security Configuration Guide, Release 9.x
318
Configuring Port Security
Removing a Dynamic Secure MAC Address
To Next Page
Loading...
