171
interface interface-type interface-number: Specifies a Layer 2 Ethernet port by its type and number.
vlan vlan-id: Specifies the VLAN to which the secure MAC address belongs. vlan-id represents the ID of
the VLAN in the range 1 to 4094. Make sure that you have assigned the Layer 2 port to the specified
VLAN.
Description
Use the port-security mac-address security command to add a secure MAC address in Layer 2 Ethernet
interface view or system view.
Use the undo port-security mac-address security command to remove a secure MAC address in system
view.
By default, no secure MAC address is configured.
This command applies to ports in autoLearn mode. To enable port security, use the port-security enable
command. To set the port in autoLearn mode, use the port-security port-mode autolearn command.
Related commands: display port-security
Examples
# Enable port security, set the port security mode of port GigabitEthernet 1/0/1 to autoLearn, and add
a secure MAC address of 0001-0001-0002 (belonging to VLAN 10) for port GigabitEthernet 1/0/1 in
system view.
<Sysname> system-view
[Sysname] port-security enable
[Sysname] interface gigabitethernet 1/0/1
[Sysname-GigabitEthernet1/0/1] port-security max-mac-count 100
[Sysname-GigabitEthernet1/0/1] port-security port-mode autolearn
[Sysname-GigabitEthernet1/0/1] quit
[Sysname] port-security mac-address security 0001-0001-0002 interface gigabitethernet
1/0/1 vlan 10
port-security max-mac-count
Syntax
port-security max-mac-count count-value
undo port-security max-mac-count
View
Layer 2 Ethernet interface view
Default level
2: System level
Parameters
count-value: Specifies the maximum number of secure MAC addresses allowed on the port. The value
ranges from 1 to 1024.
Description
Use the port-security max-mac-count command to set the maximum number of secure MAC addresses
allowed to be added for the port.
Use the undo port-security max-mac-count command to restore the default setting.
To Next Page
Loading...
Need help?
General
