EasyManuals Logo
Home>Cisco>Network Router>7604

Cisco 7604 User Manual

Cisco 7604
1011 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #829 background imageLoading...
Page #829 background image
47-7
Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
OL-4266-08
Chapter 47 Configuring Port Security
Configuring Port Security
When configuring port security violation modes, note the following information:
protect—Drops packets with unknown source addresses until you remove a sufficient number of
secure MAC addresses to drop below the maximum value.
restrict—Drops packets with unknown source addresses until you remove a sufficient number of
secure MAC addresses to drop below the maximum value and causes the SecurityViolation counter
to increment.
shutdown—Puts the interface into the error-disabled state immediately and sends an SNMP trap
notification.
Note To bring a secure port out of the error-disabled state, enter the errdisable recovery cause
violation_mode global configuration command, or you can manually reenable it by entering the
shutdown and no shut down interface configuration commands.
To protect the CPU against overutilization, when you configure the protect or restrict violation
modes, configure the packet drop rate limiter (see the Configuring the Port Security Rate Limiter
section on page 47-7).
This example shows how to configure the protect security violation mode on Fast Ethernet port 5/12:
Router# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)# interface fastethernet 3/12
Router(config-if)# switchport port-security violation protect
Router(config-if)# do show port-security interface fastethernet 5/12 | include Protect
Violation Mode : Protect
This example shows how to configure the restrict security violation mode on Fast Ethernet port 5/12:
Router# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)# interface fastethernet 3/12
Router(config-if)# switchport port-security violation restrict
Router(config-if)# do show port-security interface fastethernet 5/12 | include Restrict
Violation Mode : Restrict
Configuring the Port Security Rate Limiter
Note The PFC2 does not support the port security rate limiter.
The truncated switching mode does not support the port security rate limiter.

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco 7604 and is the answer not in the manual?

Cisco 7604 Specifications

General IconGeneral
BrandCisco
Model7604
CategoryNetwork Router
LanguageEnglish

Related product manuals