EasyManua.ls Logo

Cisco 7604 - Configuring the Port Security Violation Mode on a Port

Cisco 7604
1011 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
47-6
Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
OL-4266-08
Chapter 47 Configuring Port Security
Configuring Port Security
Enabling Port Security on an Access Port
To enable port security on an access port, perform this task:
This example shows how to enable port security on Fast Ethernet port 5/12:
Router# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)# interface fastethernet 5/12
Router(config-if)# switchport
Router(config-if)# switchport mode access
Router(config-if)# switchport port-security
Router(config-if)# do show port-security interface fastethernet 5/12 | include Port Security
Port Security : Enabled
Configuring the Port Security Violation Mode on a Port
To configure the port security violation mode on a port, perform this task:
Command Purpose
Step 1
Router(config)# interface
type
1
slot/port
1. type = ethernet, fastethernet, gigabitethernet, or tengigabitethernet
Selects the LAN port to configure.
Note With Release 12.2(18)SXE and later releases, the
port can be a tunnel port or a PVLAN port.
Step 2
Router(config-if)# switchport
Configures the port as a Layer 2 switchport.
Step 3
Router(config-if)# switchport mode access
Configures the port as a Layer 2 access port.
Note A port in the default mode (dynamic desirable)
cannot be configured as a secure port.
Step 4
Router(config-if)# switchport port-security
Enables port security on the port.
Router(config-if)# no switchport port-security
Disables port security on the port.
Step 5
Router(config-if)# do show port-security
interface
type
1
slot/port
| include Port Security
Verifies the configuration.
Command Purpose
Step 1
Router(config)# interface
type
1
slot/port
1. type = ethernet, fastethernet, gigabitethernet, or tengigabitethernet
Selects the LAN port to configure.
Step 2
Router(config-if)# switchport port-security
violation {protect | restrict | shutdown}
(Optional) Sets the violation mode and the action to be
taken when a security violation is detected.
Router(config-if)# no switchport port-security
violation
Reverts to the default configuration (shutdown).
Step 3
Router(config-if)# do show port-security
interface
type
1
slot/port
| include
violation_mode
2
2. violation_mode = protect, restrict, or shutdown
Verifies the configuration.

Table of Contents

Related product manuals