Tuesday, August 12, 2008

Cisco switch port security

switchport port-security maximum {max # of MAC addresses allowed}:
You can use this option to allow more than the default number of MAC addresses, which is one. For example, if you had a 12-port hub connected to this switch port, you would want to allow 12 MAC addresses—one for each device. The maximum number of secure MAC addresses per port is 132.

switchport port-security violation {shutdown | restrict | protect}:
This command tells the switch what to do when the number of MAC addresses on the port exceeds the maximum. The default is to shut down the port. However, you can also choose to alert the network administrator (i.e., restrict) or only allow traffic from the secure MAC addresses and drop packets from other MAC addresses (i.e., protect).

switchport port-security mac-address {MAC address}:
You can use this option to manually define the MAC address allowed for this port rather than letting the port dynamically determine the MAC address.

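Here's an example that enables port security on ports 1 through 24 (the ports are first set to access mode, because the switch rejects port security on a dynamic port):
Switch# config t
Switch(config)# int range fastEthernet 0/1 - 24
Switch(config-if-range)# switchport mode access
Switch(config-if-range)# switchport port-security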


View the status of port security
Switch# show port-security address
Switch# show port-security interface fa0/18
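
The maximum, violation and mac-address options do nothing until the bare switchport port-security command is also present on the port, and a saved configuration does not list default values. The script below is an added example, not part of the original post: it audits a saved configuration offline, filling in the defaults described above and reporting ports where port security is not active. The function names and the sample configuration are constructed for illustration.

```python
import re

# Defaults stated above: one secure MAC address per port, violation action "shutdown".
DEFAULTS = {"enabled": False, "maximum": 1, "violation": "shutdown"}
PS_LINE = re.compile(r"switchport port-security(?: (maximum|violation|mac-address) (\S+))?$")
MAC = re.compile(r"[0-9a-fA-F]{4}(\.[0-9a-fA-F]{4}){2}$")

# Constructed sample configuration excerpt, not taken from a real switch.
SAMPLE_CONFIG = """\
interface FastEthernet0/1
 switchport port-security
 switchport port-security maximum 12
 switchport port-security violation restrict
interface FastEthernet0/2
 switchport port-security maximum 2
 switchport port-security violation protect
interface FastEthernet0/3
 switchport port-security
 switchport port-security mac-address 0011.2233.4455
interface FastEthernet0/4
"""

def parse_port_security(config):
    """Return {interface: effective settings}, filling in the defaults."""
    ports, cur = {}, None
    for line in config.splitlines():
        if line.startswith("interface "):
            cur = ports.setdefault(line.split()[1], {**DEFAULTS, "static_macs": [], "options_set": False})
        elif not line.startswith(" "):
            cur = None                      # left the interface block
        elif cur is not None and (m := PS_LINE.match(line.strip())):
            key, val = m.groups()
            if key is None:
                cur["enabled"] = True       # only the bare command turns the feature on
            elif key == "mac-address":
                cur["static_macs"] += [val] if MAC.match(val) else []
            else:
                cur[key] = int(val) if key == "maximum" else val
                cur["options_set"] = True
    return ports

def audit(config):
    """Return {interface: finding} for ports where port security is not active."""
    return {name: "options set but port security not enabled" if p["options_set"]
                  else "port security not enabled"
            for name, p in parse_port_security(config).items() if not p["enabled"]}

if __name__ == "__main__":
    print(audit(SAMPLE_CONFIG))
```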
