Security
Port Security
354 Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4
17
To configure port security:
STEP 1 Click Security > Port Security.
STEP 2 Select an interface to be modified, and click Edit.
STEP 3 Enter the parameters.
• Interface—Select the interface name.
• Interface Status—Select to lock the port.
• Learning Mode—Select the type of port locking. To configure this field, the Interface
Status must be unlocked. The Learning Mode field is enabled only if the Interface Status
field is locked. To change the Learning Mode, the Lock Interface must be cleared. After
the mode is changed, the Lock Interface can be reinstated. The options are:
- Classic Lock—Locks the port immediately, regardless of the number of addresses
that have already been learned.
- Limited Dynamic Lock—Locks the port by deleting the current dynamic MAC
addresses associated with the port. The port learns up to the maximum addresses
allowed on the port. Both re-learning and aging of MAC addresses are enabled.
- Secure Permanent—Keeps the current dynamic MAC addresses associated with the
port and learns up to the maximum number of addresses allowed on the port (set by
Max No. of Addresses Allowed). Relearning and aging are disabled.
- Secure Delete on Reset—Deletes the current dynamic MAC addresses associated
with the port after reset. New MAC addresses can be learned as Delete-On-Reset
ones up to the maximum addresses allowed on the port. Relearning and aging are
disabled.
• Max No. of Addresses Allowed—Enter the maximum number of MAC addresses that
can be learned on the port if Limited Dynamic Lock learning mode is selected. The
number 0 indicates that only static addresses are supported on the interface.
• Action on Violation—Select an action to be applied to packets arriving on a locked
port. The options are:
- Discard—Discards packets from any unlearned source.
- Forward—Forwards packets from an unknown source without learning the MAC
address.
- Shutdown—Discards packets from any unlearned source, and shuts down the port.
The port remains shut down until reactivated, or until the device is rebooted.
To Next Page
Loading...
Need help?
General
