Ganesh Hariharan Sun, 04/25/2010 - 23:52
User Badges:
  • Purple, 4500 points or more
  • Community Spotlight Award,

    Member's Choice, February 2016

Can you setup port security to automatically learn MAC addresses on a switch? If so, how?



Hi ,


Dynamic port security is great but what about when you connect switches to routers or other devices that need to be secured in a way to prevent unauthorized device swapping in the network.


There are two ways to configure a sticky port. The first way being that you configure a static MAC address when configuring port-security on a specific interface. The next way which is more convenient is to configure a “Sticky” MAC address and leave the max MAC addresses to its default value of one. When port-security is configured this way, the first MAC address learned on the switch port will be automatically statically configured into the running-configuration as if you manually specified the MAC address


switchport port-security mac-address h.h.h – This command is executed in interface configuration mode and statically sets a MAC address that allows traffic with the source MAC to traverse the switch.


switchport port-security mac-address sticky – This command is executed in interface configuration mode and configures the port to dynamically learn the MAC address and automatically configure the MAC address as a static MAC address associated with the port.


Hope to Help !!


Remember to rate the helpful post


Ganesh.H

Actions

This Discussion