Quick Reference Guide
974 PowerConnect B-Series TI24X Configuration Guide
53-1002269-02
Configuring the MAC port security feature
29
Configuration notes and feature limitations
The following limitations apply to this feature:
• MAC port security applies only to Ethernet interfaces.
• MAC port security is not supported on static trunk group members or ports that are configured
for link aggregation.
• MAC port security is not supported on 802.1X port security-enabled ports.
• Devices do not support the reserved-vlan-id <num> command, which changes the default
VLAN ID for the MAC port security feature.
• The SNMP trap generated for restricted MAC addresses indicates the VLAN ID associated with
the MAC address, as well as the port number and MAC address.
• MAC port security is not supported on ports that have multi-device port authentication
enabled.
Configuring the MAC port security feature
To configure the MAC port security feature, perform the following tasks:
• Enable the MAC port security feature
• Set the maximum number of secure MAC addresses for an interface
• Set the port security age timer
• Specify secure MAC addresses
• Configure the device to automatically save secure MAC addresses to the startup-config file
• Specify the action taken when a security violation occurs
• Deny specific MAC addresses
Enabling the MAC port security feature
By default, the MAC port security feature is disabled on all interfaces. You can enable or disable the
feature globally on all interfaces at once, or on individual interfaces.
To enable the feature on all interfaces at once, enter the following commands.
PowerConnect(config)# port security
PowerConnect(config-port-security)# enable
To disable the feature on all interfaces at once, enter the following commands.
PowerConnect(config)# port security
PowerConnect(config-port-security)# no enable
To enable the feature on a specific interface, enter the following commands.
PowerConnect(config)# int e 11
PowerConnect(config-if-e10000-11)# port security
PowerConnect(config-port-security-e10000-11)# enable
Syntax: port security
Syntax: [no] enable