C
LIENT
S
ECURITY
C
OMMANDS
22-4
Command Usage
• If you enable port security, the switch stops learning new MAC
addresses on the specified port when it has reached a configured
maximum number. Only incoming traffic with source addresses
already stored in the dynamic or static address table will be accepted.
• First use the
port security max-mac-count
command to set the
number of addresses, and then use the
port security
command to
enable security on the port.
• Use the
no port security max-mac-count
command to disable port
security and reset the maximum number of addresses to the default.
• You can also manually add secure addresses with the
mac-address-table static
command.
• A secure port has the following restrictions:
- Cannot be connected to a network interconnection device.
- Cannot be a trunk port.
• If a port is disabled due to a security violation, it must be manually
re-enabled using the
no
shutdown
command.
Example
The following example enables port security for port 5, and sets the
response to a security violation to issue a trap message:
Related Commands
shutdown (24-9)
mac-address-table static (28-2)
IP Source Guard Commands
IP Source Guard is a security feature that filters IP traffic on network
interfaces based on manually configured entries in the IP Source Guard
table, or static and dynamic entries in the DHCP Snooping table when
enabled (see “DHCP Snooping Commands” on page 22-10). IP source
guard can be used to prevent traffic attacks caused when a host tries to use
Console(config)#interface ethernet 1/5
Console(config-if)#port security action trap
Содержание 7824M/FSW - annexe 1
Страница 2: ......
Страница 24: ...TABLE OF CONTENTS xxiv ...
Страница 28: ...TABLES xxviii ...
Страница 32: ...FIGURES xxxii Figure 16 3 DNS Cache 16 7 ...
Страница 34: ...GETTING STARTED ...
Страница 46: ...SYSTEM DEFAULTS 1 12 ...
Страница 62: ...SWITCH MANAGEMENT ...
Страница 74: ...CONFIGURING THE SWITCH 3 12 ...
Страница 112: ...BASIC MANAGEMENT TASKS 4 38 ...
Страница 168: ...USER AUTHENTICATION 6 30 ...
Страница 223: ...SHOWING PORT STATISTICS 9 33 Figure 9 12 Port Statistics ...
Страница 230: ...ADDRESS TABLE SETTINGS 10 6 ...
Страница 304: ...CLASS OF SERVICE 13 16 ...
Страница 316: ...QUALITY OF SERVICE 14 12 ...
Страница 338: ...MULTICAST FILTERING 15 22 ...
Страница 346: ...DOMAIN NAME SERVICE 16 8 ...
Страница 348: ...COMMAND LINE INTERFACE IP Interface Commands 35 1 ...
Страница 362: ...OVERVIEW OF COMMAND LINE INTERFACE 17 14 ...
Страница 426: ...SYSTEM MANAGEMENT COMMANDS 19 56 Example Console show calendar 15 12 34 February 1 2002 Console ...
Страница 494: ...USER AUTHENTICATION COMMANDS 21 48 ...
Страница 514: ...CLIENT SECURITY COMMANDS 22 20 ...
Страница 540: ...ACCESS CONTROL LIST COMMANDS 23 26 ...
Страница 558: ...INTERFACE COMMANDS 24 18 ...
Страница 576: ...MIRROR PORT COMMANDS 26 4 ...
Страница 582: ...RATE LIMIT COMMANDS 27 6 ...
Страница 616: ...SPANNING TREE COMMANDS 29 28 ...
Страница 644: ...VLAN COMMANDS 30 28 ...
Страница 664: ...CLASS OF SERVICE COMMANDS 31 20 ...
Страница 678: ...QUALITY OF SERVICE COMMANDS 32 14 ...
Страница 720: ...APPENDICES ...
Страница 726: ...SOFTWARE SPECIFICATIONS A 6 ...
Страница 730: ...TROUBLESHOOTING B 4 ...
Страница 746: ...INDEX Index 6 ...
Страница 747: ......