xStack® DES-3528/DES-3552 Series Layer 2 Managed Stackable Fast Ethernet Switch CLI Reference Guide
35
Port Security Commands
The Switch’s port security commands in the Command Line Interface (CLI) are listed (along with the appropriate
parameters) in the following table.
Command Parameters
config port_s
ecur
it
y
ports [<portlist
> | all] [
{adm
in_state [en
able
| disable]
| m
ax_learning_
addr
<max_lock_no 0-16384> | lock_address_mode [permanent | deleteontimeout |
deleteonreset]} |{vlan [<vlan_name 32> | vlanid <vidlist>] max_learning_addr
[<max_lock_no 0-16384> | no_limit]}]
delete port_security_entry [vlan <vlan_name 32> | vlanid <vlanid 1-4094>] mac_address <macaddr>
clear port_security_entry {ports [<portlist> | all] {[vlan <vlan_name 32> | vlanid <vidlist>]}}
show port_security {ports [<portlist> | all] {[vlan <vlan_name 32> | vlanid <vidlist>]}}
enable port_security trap_log
disable port_security trap_log
config port_security system
max_learning_addr
[<max_lock_no 1-16384> | no_limit]
config port_security vlan [<vlan_name 32> | vlanid <vidlist>] max_learning_addr [<max_lock_no 0-16384>
| no_limit]
Each command is listed, in detail, in the following sections.
config port_security ports
Purpose
Used to configure port security settings.
Syntax config port_security ports [<portlist> | all] [{admin_state [enable | disable] |
max_learning_addr <max_lock_no 0-16384> | lock_address_mode [permanent |
deleteontimeout | deleteonreset]} |{vlan [<vlan_name 32> | vlanid <vidlist>]
max_learning_addr [<max_lock_no 0-16384> | no_limit]}]
Description
This command allows for the configuration of the port security feature. Only the ports listed
in the <portlist> are affected.
Parameters
portlist − Specifies a port or range of ports to be configured.
all − Configure port security for all ports on the Switch.
admin_state [enable | disable] – Enable or disable port security for the listed ports.
max_learning_addr <max_lock_no 0-16384> − Use this to limit the number of MAC
addresses dynamically listed in the FDB for the ports.
lock_address_mode [permanent | deleteontimout | deleteonreset] – Indicates the method of
locking addresses. The user has three choices:
permanent – The locked addresses will not age out after the aging timer expires.
deleteontimeout – The locked addresses will age out after the aging timer expires.
deleteonreset – The locked addresses will not age out until the Switch has been
reset.
vlan – Specifies the VLAN name used.
vlanid – Specifies the VLAN ID used.
max_learning_addr – Specifies the maximum learning address value. To specify this value to
have no limit, select the ‘no_limit’ option.
Restrictions
Only Administrator and Operator-level users can issue this command.
Example usage:
To configure the port security:
To Next Page
Loading...
