55-22
Catalyst 4500 Series Switch, Cisco IOS Software Configuration Guide - Cisco IOS XE 3.9.xE and IOS 15.2(5)Ex
Chapter 55 Configuring Port Security
Configuring Port Security on Voice Ports
Port Mode Changes
Generally, when a port mode changes, all dynamic addresses associated with that port are removed. All
static or sticky addresses and other port security parameters configured on the
native VLAN are moved
to the native VLAN of the port in the new mode. All the addresses on the non-native VLANs are
removed.
The native VLAN refers to the following VLAN on the specified port type:
For example, when the mode changes from access to private VLAN trunk, all the static or sticky
addresses configured on the access VLAN of the access port are moved to the private VLAN native
VLAN of the private VLAN trunk port. All other addresses are removed.
Similarly, when the mode changes from private VLAN trunk to access mode, all the static or sticky
addresses configured on the private VLAN native VLAN are moved to the access VLAN of the access
port. All other addresses are removed.
When a port is changed from trunk to private VLAN trunk, addresses associated with a VLAN on the
trunk are retained if that VLAN is present in the allowed list of private VLAN trunk or the secondary
VLAN of an association on the private VLAN trunk. If the VLAN is not present in either of them, the
address is removed from the running configuration.
When a port is changed from private VLAN trunk to trunk, a static or sticky address is retained if the
VLAN associated with the address is present in the allowed VLAN list of the trunk. If the VLAN is not
present in the allowed list, the address is removed from running configuration.
Configuring Port Security on Voice Ports
You might want to configure port security in an IP phone environment when a port is configured with a
data VLAN for a PC and a voice VLAN for a Cisco IP Phone.
These sections describe how to configure port security on voice ports:
•
Configuring Port Security on Voice Ports, page 55-23
•
Examples of Voice Port Security, page 55-25
•
Voice Port Security Configuration Guidelines and Restrictions, page 55-27
Port Type
Native VLAN
access
access VLAN
trunk
native VLAN
isolated
secondary VLAN (from host association)
promiscuous
primary VLAN (from mapping)
private VLAN trunk
private VLAN trunk native VLAN
.1Q tunnel
access VLAN
Summary of Contents for Catalyst 4500 Series
Page 2: ......
Page 4: ......
Page 2086: ...Index IN 46 Software Configuration Guide Release IOS XE 3 9 0E and IOS 15 2 5 E ...