cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
236
Views
4
Helpful
2
Replies

port-security in switches

arturo.reyna
Level 1
Level 1

Hi:

I have one question about port-security in switches.

If I configure port-security and I don´t define an aging time.

The mac-address for this port, never expires?

Should I enable the port-security aging time.

This happened to me in a switch port wich have a hub, It always shows the mac-addres even, when there no devices in the hub.

TIA.

2 Replies 2

Fernando_Meza
Level 7
Level 7

Hi .. it depends of how is the port configured. The aging comes handy when you configure a limit in the ammount of MAC addresses that are able to connect to a specific port. Let's say you configured teh limit to 10. This means that no more than 10 MAC addresses will be able to connect throuhgt that port. Now let's say that 6 out of 10 PC are running and another PC ( 11 ) is trying to connect. if you have the aging parameter then teh 11th PC will be able to connect after teh aging expired otherwise you will have to remove at least one MAC addresses from the MAC table on that port in order to allow place for the new PC.

I suggest you to quick go throught the bwlow link which explains about it.

http://www.cisco.com/en/US/products/hw/switches/ps628/products_configuration_guide_chapter09186a00800d6a38.html#86378

I hope it helps .. please rate it if does !!!

gtalps123
Level 1
Level 1

Hi,

I have one more requirement on port security. (I have enabled MAC Address authentication on my switch where by the user gets authenticated against their MAC address which is saved on the ACS server)I want a user who has not connected to the port for more than 30 days to be disabled by the ACS server. Is this possible. I am not sure if we are discusion the same ting or not. Please give me any inputs if you have.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: