Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

view port-security disabled port

Hi, I have a lots of cisco catalyst switches, and I need to find out wich switch has port with port-security feature disabled.

I have a comand show port-security, but it shows me just enabled  port-security feature on ports, but I need opposite info, may be someone know how to view port table without port security

thanks

16 REPLIES
Hall of Fame Super Gold

view port-security disabled port

sh interface status err-disabled

New Member

view port-security disabled port

thanks but, I think you dont understand my question, your comand just shows err-disabled port, but with ports everything OK, they are int working state, no violation happends for now. let me explain on example, I have two ports in my config

interface FastEthernet0/2

switchport mode access

switchport block multicast

switchport block unicast

switchport port-security

switchport port-security violation restrict

switchport port-security mac-address sticky

storm-control broadcast level 5.00 4.00

storm-control multicast level 5.00 4.00

storm-control action trap

!

interface FastEthernet0/3

switchport mode access

switchport port-security maximum 2

storm-control broadcast level 5.00 4.00

storm-control multicast level 5.00 4.00

storm-control action trap

on interface 0/2 I have a command

switchport port-security

it means my port is secure

on interface 0/3 I dont have this command

it means it's unsecure

so I need to some show...bla-bla-bla writen in one line to see ONLY unsecure interfaces

Gold

Re: view port-security disabled port

Hi

Is this good enough ?

sh ru | i (interface|port-security)

or

sh ru | i (interface|violation)

This will still give you all ports but it will also tell you wich are configured and wich is not configured.

interface GigabitEthernet1/0/7

interface GigabitEthernet1/0/8

switchport port-security violation restrict

interface GigabitEthernet1/0/9

interface GigabitEthernet1/0/10

as you can see here Gig1/0/8 is configured the others are not since they have no row of switchport port-security beneath them.

.

This sh ru will pick out any line with "interface" and any line with "port-security" (or "violation)

Good luck

HTH

New Member

Re: view port-security disabled port

thanks, but this comands just show interface number and lines with %port-security%, in your example it doesn't mean that

interface configured for port security, because only intrface with \switchport port-security\ and nothing after that is secured, for example:

(non secured)

sh run int g1/0/8

!

interface GigabitEthernet1/0/8

switchport port-security violation restrict

(secured)

sh run int g1/0/8

!

interface GigabitEthernet1/0/8

switchport port-security

switchport port-security violation restrict

How can just interface with this?

Gold

Re: view port-security disabled port

Hi

If you use the word port-security instead of violation then it will show you just that.

sh ru | i (interface|port-security)

It will still give you all the rest but it will give you the line with port-security only.

so you will be able to tell if it is connected or not.

New Member

Re: view port-security disabled port

@hobbe:

Thank you very much. You point me to the right direction.

@Krasnoperov

Can you try this command?

sh ru | i (interface|port-security$)

Purple

view port-security disabled port

Hi,

sh  run  | exc port-security

Regards.

Alain

Don't forget to rate helpful posts.
New Member

view port-security disabled port

nope it's just shows ALL (not just inteface section) line in my config WITHOUT port-security lines, and I see all interfaces with&without portsecurity

New Member

view port-security disabled port

So you want to see wich port are not configured with port-security command...I don't think it's possible... it is faster to do a show run and use find function. But maybe i'm wrong... i've thinked same solution who Cadet had suggested but if not work i've no idea...

Purple

view port-security disabled port

Hi,

I've got no switch here to verify but you could try sh run interface | exc port-security

Regards.

Alain.

Don't forget to rate helpful posts.

view port-security disabled port

I just tested that cadet, if you do that, it will show all ther interfaces but just excluding the port-security configuration statements. I was not able to get a single command to do this, but you can modify the following one.

show port-security interface gi0/1 | i Port Security|Disabled

This will show you if the port has port security enabled or disabled.

You can just modify each statement if you want. Personally I would

just do a show run, but each his own.

Hope that helped.

New Member

view port-security disabled port

thanks but it's only for 1 port, and I need to view all ports, so I need to do this command for each

New Member

view port-security disabled port

sh run interface

% Incomplete command.

so I need to define just one interface in this command,

and I need to view all ports, so I need to do this command for each

view port-security disabled port

You could setup a macro to do this for you actually....

New Member

view port-security disabled port

@Krasnoperov:

Have you found a solution for your problem? I would like to see all the ports which have no 802.1x authentication enabled too. But unfortunately I have no idea how to do this.

New Member

view port-security disabled port

Nope, unfortunatly. But as far as I know, this shuld be done with TCL, but I not coder person...

4740
Views
8
Helpful
16
Replies