PG1X WIKI

My Knowledge Base

User Tools

Site Tools


tech:network:catalyst-port-security:catalyst-port-security

This is an old revision of the document!


Catalyst Port Security

ASW2(config-if)#do sh ver | i (Model number| WS-C2960)
cisco WS-C2960-8TC-L (PowerPC405) processor (revision A0) with 65536K bytes of memory.
Model number                    : WS-C2960-8TC-L
*    1 9     WS-C2960-8TC-L     15.0(2)SE8            C2960-LANBASEK9-M
ASW2(config-if)#do sh run int f0/3
Building configuration...

Current configuration : 416 bytes
!
interface FastEthernet0/3
 switchport mode access
 switchport port-security maximum 2
 switchport port-security violation restrict
 switchport port-security mac-address sticky
 switchport port-security mac-address sticky b827.eb41.c943
 switchport port-security mac-address sticky b827.eb8a.3719
 switchport port-security aging time 1
 switchport port-security aging type inactivity
 switchport port-security
end

mac address in CAM table show as STATIC entry.

and disable port-security feature, this entry deleted.

no mac address-table dynamic

has no effect.

it only work

no switchport port-security

Aging Time

Seems to be will effect dynamic only.

interface FastEthernet0/3
 switchport mode access
 switchport port-security maximum 2
 switchport port-security violation restrict
 switchport port-security aging time 1
 switchport port-security aging type inactivity
 switchport port-security
end

Sticky Learning

do sh mac address-table int f0/3
do sh run int f0/3 | i sticky

plug out ethernet cable to b827.eb17.5d00

no switchport port-security mac-address sticky b827.eb17.5d00
do sh mac address-table int f0/3
do sh run int f0/3 | i sticky

References

tech/network/catalyst-port-security/catalyst-port-security.1519130578.txt.gz · Last modified: 2018/02/20 21:42 by wnoguchi