CHAPTER 6: ACCESS CONSIDERATIONS
CONFIGURING PORT SECURITY THROUGH THE COMMAND LINE INTERFACE
MULTILINK ML810 MANAGED EDGE SWITCH – INSTRUCTION MANUAL
6–5
To deny a mac address, use the following:
#port-security
(port-security)##ps enable
(port-security)##deny mac=<address,list,range> port=<num,list,range>
(port-security)##action port=<num,list,range>drop
Example 6-1 views port security settings on a switch. Learning is enabled on port 1. This
port has 6 stations connected to it with the MAC addresses as shown. Other ports have
learning disabled and the MAC addresses are not configured on those ports.
Example 6-1: Viewing the port security settings
ML810#
show port-security
PORT STATE SIGNAL ACTION LEARN COUNT MAC ADDRESS
---- ----- ------ ------ ----- ----- -----------
1 ENABLE LOG NONE ENABLE 6 00:e0:29:2a:f1:bd
00:01:03:e2:27:89
00:07:50:ef:31:40
00:e0:29:22:15:85
00:03:47:ca:ac:45
00:30:48:70:71:23
2 ENABLE NONE NONE DISABLE 0 Not Configured
3 ENABLE NONE NONE DISABLE 0 Not Configured
4 ENABLE NONE NONE DISABLE 0 Not Configured
5 ENABLE NONE NONE DISABLE 0 Not Configured
6 ENABLE NONE NONE DISABLE 0 Not Configured
ML810(port-security)##
Example 6-2: Enabling learning on a port
ML810(port-security)##
learn port=3 enable
Port Learning Enabled on selected port(s)
ML810(port-security)##
show port-security
PORT STATE SIGNAL ACTION LEARN COUNT MAC ADDRESS
---- ----- ------ ------ ----- ----- -----------
1 ENABLE LOG NONE ENABLE 6 00:e0:29:2a:f1:bd
00:01:03:e2:27:89
00:07:50:ef:31:40
00:e0:29:22:15:85
00:03:47:ca:ac:45
00:30:48:70:71:23
2 ENABLE NONE NONE DISABLE 0 Not Configured
3 ENABLE NONE NONE ENABLE 0 Not Configured
4 ENABLE NONE NONE DISABLE 0 Not Configured
5 ENABLE NONE NONE DISABLE 0 Not Configured
6 ENABLE NONE NONE DISABLE 0 Not Configured