Manualshelf

Cisco Nexus 5000 Series Switch Fabric Manager Software Configuration Guide, NX-OS 4.0 (OL-16598-01, June 2008)

ManualsBrandsHP ManualsStorageHP SN6000C 8Gb 32-port Fibre Channel Switch
321322323324325326327328329330
Send comments to nx5000-docfeedback@cisco.com
24-7
Nexus 5000 Series Switch Fabric Manager Software Configuration Guide
OL-16598-01
Chapter 24 Configuring Port Security
Port Security Activation
Displaying Port Security Statistics, page 24-9
Displaying Port Security Violations, page 24-10
Activating Port Security
To activate port security using Fabric Manager, perform this task:
Step 1 Expand a VSAN and then choose Port Security in the Logical Domains pane.
You see the port security configuration for that VSAN in the Information pane.
Step 2 Click the Actions tab.
Step 3 In the Action column under Activation, choose the switch or VSAN on which you want to activate port
security. You see a drop-down list with the following options:
activate—Valid port security settings are activated.
activate (TurnLearningOff)—Valid port security settings are activated and auto-learn turned off.
forceActivate—Activation is forced.
forceActivate(TurnLearningOff)—Activation is forced and auto-learn is turned off.
deactivate—All currently active port security settings are deactivated.
NoSelection— No action is taken.
Step 4 Set the Action field you want for that switch.
Step 5 Uncheck the AutoLearn check box for each switch in the VSAN to disable auto-learning.
Step 6 Click the CFS tab and set the command column to commit on all participating switches in the VSAN.
Step 7 Click Apply Changes in Fabric Manager to save these changes.
Database Activation Rejection
Database activation is rejected in the following cases:
Missing or conflicting entries exist in the configuration database but not in the active database.
The auto-learning feature was enabled before the activation. To reactivate a database in this state,
disable auto-learning.
The exact security is not configured for each port channel member.
The configured database is empty but the active database is not.
If the database activation is rejected due to one or more conflicts listed in the previous section, you may
decide to proceed by forcing the port security activation.