Port Security

Posted on Friday, December 11, 2009
This article was posted in Security


The port security feature restricts the number of MAC addresses used on a switch port, or restricts the use of a port to a specific group of users. The number of devices on a secured port can range from one to 132. The MAC addresses are assigned either automatically or by the administrator (assigned statically).

An address violation occurs when a secure port receives a source address already assigned to another secured port, or when a port exceeds its address table size limit. When a violation occurs, the action can be suspended, ignored or disabled.

A suspended port is re-enabled when a valid address is received.
A disabled port must be re-enabled manually.
If action is ignored, the switch port remains enabled.

Here is the procedure for configuring port security:
Router(config)# interface e0/1
Router(config-if)# port secure max-mac-count 1
Router(config-if)# exit
Router(config)# address-violation ignore
Router(config)# exit
Router# show mac-address-table security

The no port secure command disables addressing security and sets the maximum number of addresses on the interface to the default (132).
The show command yields a list of enabled ports and their security statuses.
The action for an address violation can be suspend, disable or ignore.
Use the no address-violation command to set the switch to its default value (suspend).
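
The violation rules and the three actions described above can be modelled as a small state machine. This is an added example, not code from the original article or from the switch software; the names `Switch`, `SecurePort`, `receive`, `reenable` and `demo` are hypothetical and the MAC addresses are constructed. It assumes a disabled port processes nothing and that a violating frame leaves the address table unchanged.

```python
from dataclasses import dataclass, field

@dataclass
class SecurePort:
    max_macs: int = 132            # the article's default table size
    state: str = "enabled"         # enabled | suspended | disabled
    macs: set = field(default_factory=set)

class Switch:
    def __init__(self, action="suspend"):      # "suspend" is the article's default
        if action not in ("suspend", "ignore", "disable"):
            raise ValueError(f"unknown action {action!r}")
        self.action, self.ports = action, {}

    def secure(self, name, max_macs=132, static=()):
        if not 1 <= max_macs <= 132 or len(set(static)) > max_macs:
            raise ValueError("table size must be 1..132 and hold all static entries")
        self.ports[name] = SecurePort(max_macs, macs=set(static))

    def receive(self, name, src):
        """Process one frame's source MAC; return 'ok', 'violation' or 'dropped'."""
        port = self.ports[name]
        if port.state == "disabled":          # assumption: nothing is processed
            return "dropped"
        elsewhere = any(src in p.macs for p in self.ports.values() if p is not port)
        table_full = src not in port.macs and len(port.macs) >= port.max_macs
        if elsewhere or table_full:
            if self.action == "suspend":
                port.state = "suspended"
            elif self.action == "disable":
                port.state = "disabled"
            return "violation"                # "ignore": port state is unchanged
        port.macs.add(src)                    # learn automatically (no-op if known)
        port.state = "enabled"                # a valid address lifts a suspension
        return "ok"

    def reenable(self, name):                 # manual step, needed after "disable"
        self.ports[name].state = "enabled"

def demo(action):
    sw = Switch(action)
    sw.secure("e0/1", max_macs=1)
    sw.secure("e0/2", max_macs=1, static=["00:00:5e:00:53:02"])
    frames = [("e0/1", "00:00:5e:00:53:01"),   # learned automatically
              ("e0/1", "00:00:5e:00:53:99"),   # exceeds the table size limit
              ("e0/1", "00:00:5e:00:53:02"),   # already assigned to e0/2
              ("e0/1", "00:00:5e:00:53:01")]   # valid address again
    return [(sw.receive(p, m), sw.ports[p].state) for p, m in frames]
```

Calling `demo("suspend")`, `demo("ignore")` and `demo("disable")` shows how the same four frames leave port e0/1 in a different state under each action.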
