Configuring Device Information 209
The following is an example of the CLI commands:
Configuring Port Security
Network security can be increased by limiting access on a specific port only to users with specific
MAC addresses. The MAC addresses can be dynamically learned, up to that point, or they can be
statically configured. Locked port security monitors both received and learned packets that are
received on specific ports. Access to the locked port is limited to users with specific MAC addresses.
These addresses are either manually defined on the port, or learned on that port up to the point
when it is locked. When a packet is received on a locked port, and the packet’s source MAC address
is not tied to that port (either it was learned on a different port, or is unknown to the system), the
protection mechanism is invoked, and can provide various options. Unauthorized packets arriving
to a locked port are either:
• Forwarded
• Discarded with no trap
• Discarded with a trap
• The ingress port is disabled
console# show dot1x users
Username Session
Time
Last
Auth
Auth
Method
MAC Address Interface
-------- -------- ----- -------- ----------------- --------
Bob 1d3h 58m Remote 00:08:3b:79:87:87 g1
John 8h19m 2m None 00:08:3b:89:31:27 g2
To Next Page
Loading...
