Cisco Nexus 5000 Series Switch CLI Software Configuration Guide, NX-OS 4.0(1a)N1 (OL-16597-01, January 2009)
Send feedback to nx5000-docfeedback@cisco.com
45-8
Cisco Nexus 5000 Series Switch CLI Software Configuration Guide
OL-16597-01
Chapter 45 Configuring Port Security
Auto-Learning
About Enabling Auto-Learning
The state of the auto-learning configuration depends on the state of the port security feature:
• If the port security feature is not activated, auto-learning is disabled by default.
• If the port security feature is activated, auto-learning is enabled by default (unless you explicitly
disabled this option).
Tip If auto-learning is enabled on a VSAN, you can only activate the database for that VSAN by using the
force option.
Enabling Auto-Learning
To enable auto-learning, perform this task:
Disabling Auto-Learning
To disable auto-learning, perform this task:
Auto-Learning Device Authorization
Table 45-1 summarizes the authorized connection conditions for device requests.
Command Purpose
Step 1
switch# configuration terminal
switch(config)#
Enters configuration mode.
Step 2
switch(config)# port-security
auto-learn vsan vsan-id
Enables auto-learning so the switch can learn about any device
that is allowed to access VSAN 1. These devices are logged in
the port security active database.
Command Purpose
Step 1
switch# configuration terminal
switch(config)#
Enters configuration mode.
Step 2
switch(config)# no port-security auto-learn vsan
vsan-id
Disables auto-learning and stops the switch
from learning about new devices accessing
the switch. Enforces the database contents
based on the devices learned up to this
point.
Table 45-1 Authorized Auto-Learning Device Requests
Condition Device (pWWN, nWWN, sWWN) Requests Connection to Authorization
1 Configured with one or more switch
ports
A configured switch port Permitted
2 Any other switch port Denied