Cisco Nexus 5000 Series Switch CLI Software Configuration Guide, NX-OS 4.0(1a)N1 (OL-16597-01, January 2009)
Send feedback to nx5000-docfeedback@cisco.com
45-9
Cisco Nexus 5000 Series Switch CLI Software Configuration Guide
OL-16597-01
Chapter 45 Configuring Port Security
Auto-Learning
Authorization Scenario
Assume that the port security feature is activated and the following conditions are specified in the active
database:
• A pWWN (P1) is allowed access through interface fc2/1 (F1).
• A pWWN (P2) is allowed access through interface fc2/2 (F1).
• A nWWN (N1) is allowed access through interface fc2/2 (F2).
• Any WWN is allowed access through interface vfc3/1 (F3).
• A nWWN (N3) is allowed access through any interface.
• A pWWN (P3) is allowed access through interface fc2/4 (F4).
• A sWWN (S1) is allowed access through interface fc3/1-3 (F10 to F13).
• A pWWN (P10) is allowed access through interface vfc4/1 (F11).
Table 45-2 summarizes the port security authorization results for this active database. The conditions
listed refer to the conditions from Table 45-1.
3 Not configured A switch port that is not
configured
Permitted if
auto-learning
enabled
4 Denied if
auto-learning
disabled
5 Configured or not configured A switch port that allows
any device
Permitted
6 Configured to log in to any switch port Any port on the switch Permitted
7 Not configured A port configured with
some other device
Denied
Table 45-1 Authorized Auto-Learning Device Requests (continued)
Condition Device (pWWN, nWWN, sWWN) Requests Connection to Authorization
Table 45-2 Authorization Results for Scenario
Device Connection Request Authorization Condition Reason
P1, N2, F1 Permitted 1 No conflict.
P2, N2, F1 Permitted 1 No conflict.
P3, N2, F1 Denied 2 F1 is bound to P1/P2.
P1, N3, F1 Permitted 6 Wildcard match for N3.
P1, N1, F3 Permitted 5 Wildcard match for F3.
P1, N4, F5 Denied 2 P1 is bound to F1.
P5, N1, F5 Denied 2 N1 is only allowed on F2.
P3, N3, F4 Permitted 1 No conflict.
S1, F10 Permitted 1 No conflict.