Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Enable Port Security

I was asked to enable port security to learn first MAC-Address on layer-2 devices. This is all the instruction I got. Any suggestion on how to do this is greatly appreciated.

1 ACCEPTED SOLUTION

Accepted Solutions

Re: Enable Port Security

Hi,

Please check this link,

http://www.cisco.com/en/US/docs/switches/lan/catalyst2950/software/release/12.1_22ea/SCG/swtrafc.html#wp1038501

Here are the IOS commands ,

2950(config)#int fa0/1

2950(config-if)#switchport mode access

2950(config-if)#switchport port-security

2950(config-if)#switchport port-security mac-address 0000.02000.0004

2950(config-if)#switchport port-security maximum 1

2950(config-if)#switchport port-security violation shutdown

It will have to be done in each interface at a time. The other way could be:

2950(config)#int range fa0/1 - 24

2950(config-if-range)#switchport mod access

2950(config-if-range)#switchport port-security

2950(config-if-range)#switchport port-security mac-address sticky

2950(config-if-range)#switchport port-security maximum 1

2950(config-if-range)#switchport port-security violation shutdown

2950(config-if-range)#end

Hope that helps !

Regards,

~JG

Please rate if helps

2 REPLIES
Hall of Fame Super Blue

Re: Enable Port Security

Hi

Few more details needed ie. what type of switch.

Easiest thing to do is search on Cisco for your switch type + configuration guide eg. if your switch is a 3560

"3560 configuration"

should bring up all the config per IOS guides for that switch. In there will be details about how to configure port security and the options you have.

HTH

Jon

Re: Enable Port Security

Hi,

Please check this link,

http://www.cisco.com/en/US/docs/switches/lan/catalyst2950/software/release/12.1_22ea/SCG/swtrafc.html#wp1038501

Here are the IOS commands ,

2950(config)#int fa0/1

2950(config-if)#switchport mode access

2950(config-if)#switchport port-security

2950(config-if)#switchport port-security mac-address 0000.02000.0004

2950(config-if)#switchport port-security maximum 1

2950(config-if)#switchport port-security violation shutdown

It will have to be done in each interface at a time. The other way could be:

2950(config)#int range fa0/1 - 24

2950(config-if-range)#switchport mod access

2950(config-if-range)#switchport port-security

2950(config-if-range)#switchport port-security mac-address sticky

2950(config-if-range)#switchport port-security maximum 1

2950(config-if-range)#switchport port-security violation shutdown

2950(config-if-range)#end

Hope that helps !

Regards,

~JG

Please rate if helps

261
Views
0
Helpful
2
Replies
CreatePlease to create content