C
HAPTER
13
| Security Measures
Configuring Port Security
– 382 –
â—† When the port security state is changed from enabled to disabled, all
dynamically learned entries are cleared from the address table.
â—† If port security is enabled, and the maximum number of allowed
addresses are set to a non-zero value, any device not in the address
table that attempts to use the port will be prevented from accessing the
switch.
â—† If a port is disabled (shut down) due to a security violation, it must be
manually re-enabled from the Interface > Port > General page
(page 152).
â—† A secure port has the following restrictions:
â–
It cannot be used as a member of a static or dynamic trunk.
â–
It should not be connected to a network interconnection device.
â–
RSPAN and port security are mutually exclusive functions. If port
security is enabled on a port, that port cannot be set as an RSPAN
uplink port, source port, or destination port. Also, when a port is
configured as an RSPAN uplink port, source port, or destination
port, port security cannot be enabled on that port.
PARAMETERS
These parameters are displayed:
◆ Port – Port identifier.
◆ Security Status – Enables or disables port security on an interface.
(Default: Disabled)
◆ Port Status – The operational status:
â–
Secure/Down – Port security is disabled.
â–
Secure/Up – Port security is enabled.
â–
Shutdown – Port is shut down due to a response to a port security
violation.
◆ Action – Indicates the action to be taken when a port security violation
is detected:
â–
None: No action should be taken. (This is the default.)
â–
Trap: Send an SNMP trap message.
â–
Shutdown: Disable the port.
â–
Trap and Shutdown: Send an SNMP trap message and disable the
port.
◆ Max MAC Count – The maximum number of MAC addresses that can
be learned on a port. (Range: 0 - 1024, where 0 means disabled)
To Next Page
Loading...
Need help?
General
