Security
Port Security
Cisco Small Business SLM Series Smart Switches Administration Guide 40
5
• Lock Interface — Configures and indicates the port security status. The
possible field values are:
-
Unchecked
— Indicates that the port is currently unlocked. This is the
default value.
-
Checked
— Indicates that the port is currently locked.
• Learning Mode — Defines the locked port type. The Learning Mode field is
enabled only if Locked is not selected in the Lock Interface Status field. The
possible field values are:
-
Classic Lock
— Locks the port using the classic lock mechanism. The
port is immediately locked, regardless of the number of addresses that
have already been learned. MAC addresses that were already learned
on the port are permitted. All other MACs are considered unauthorized.
-
Limited Dynamic Lock
— The device learns MAC addresses up to the
maximum addresses allowed on the port, after which any new MAC is
considered unauthorized. Both relearning and aging of MAC addresses
are enabled. In order to change the Learning Mode, the Lock Interface
must be set to Unlocked. Once the mode is changed, the Lock Interface
can be reinstated.
• Max Entries — Specifies the number of MAC addresses that can be learned
on the port. The Max Entries field is enabled only if Locked is Not selected
in the Lock Interface Status field. In addition, the Limited Dynamic Lock
mode is selected. The default is 1.
• Action on Violation — Indicates the action to be applied to unauthorized
packets arriving on a locked port. The possible field values are:
-
Discard
— Discards packets from any unknown source. This is the
default value.
-
Forward Not on Device
— Forwards packets from an unknown source
without learning the MAC address.
-
Shutdown
— Discards packets from any unknown source and shuts
down the port. The port remains shut down until reactivated, or until the
device is reset.
STEP 2 Define the relevant fields.
STEP 3 Click Save Settings. The settings are modified, and the device is updated.
To Next Page
Loading...
