Cisco Nexus 5000 Series Switch Fabric Manager Software Configuration Guide, NX-OS 4.0 (OL-16598-01, June 2008)

Chapter 24 Configuring Port Security
Auto-Learning
Auto-Learning Device Authorization
Table 24-1 summarizes the authorized connection conditions for device requests.
Authorization Scenario
Assume that the port security feature is activated and the following conditions are specified in the active
database:
A pWWN (P1) is allowed access through interface fc2/1 (F1).
A pWWN (P2) is allowed access through interface fc2/2 (F1).
A nWWN (N1) is allowed access through interface fc2/2 (F2).
Any WWN is allowed access through interface vfc3/1 (F3).
A nWWN (N3) is allowed access through any interface.
A pWWN (P3) is allowed access through interface fc2/4 (F4).
A sWWN (S1) is allowed access through interface fc3/1-3 (F10 to F13).
A pWWN (P10) is allowed access through interface vfc4/1 (F11).
Table 24-2 summarizes the port security authorization results for this active database. The conditions
listed refer to the conditions from Table 24-1.
Table 24-1 Authorized Auto-Learning Device Requests

| Condition | Device (pWWN, nWWN, sWWN) | Requests Connection to | Authorization |
|---|---|---|---|
| 1 | Configured with one or more switch ports | A configured switch port | Permitted |
| 2 | Configured with one or more switch ports | Any other switch port | Denied |
| 3 | Not configured | A switch port that is not configured | Permitted if auto-learning enabled |
| 4 | Not configured | A switch port that is not configured | Denied if auto-learning disabled |
| 5 | Configured or not configured | A switch port that allows any device | Permitted |
| 6 | Configured to log in to any switch port | Any port on the switch | Permitted |
| 7 | Not configured | A port configured with some other device | Denied |

Table 24-2 Authorization Results for Scenario

| Device Connection Request | Authorization | Condition | Reason |
|---|---|---|---|
| P1, N2, F1 | Permitted | 1 | No conflict. |
| P2, N2, F1 | Permitted | 1 | No conflict. |
| P3, N2, F1 | Denied | 2 | F1 is bound to P1/P2. |
| P1, N3, F1 | Permitted | 6 | Wildcard match for N3. |
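
The decision logic of Table 24-1, applied to the scenario's active database, can be checked with the following added example (not code from the Cisco guide or from NX-OS). It assumes ports are identified by the parenthesised labels (F1, F2, ...) used in the scenario; the function name `authorize`, the `ANY` wildcard marker, and the order in which a matching condition number is reported (6, then 5, then 1) are assumptions chosen to reproduce the four Table 24-2 rows shown above.

```python
ANY = "*"  # wildcard: any device, or any interface

# Active database constructed from the scenario list above. Ports use the
# page's parenthesised labels; S1 is bound to F10 through F13.
ACTIVE_DB = [("P1", "F1"), ("P2", "F1"), ("N1", "F2"), (ANY, "F3"),
             ("N3", ANY), ("P3", "F4"), ("P10", "F11")]
ACTIVE_DB += [("S1", f"F{n}") for n in range(10, 14)]


def authorize(devices, port, auto_learning=False, db=ACTIVE_DB):
    """Return (decision, condition) for a device connection request.

    devices: WWNs presented by the request, e.g. ("P1", "N2").
    condition: the row of Table 24-1 that decided the request.
    """
    hits = [(d, p) for d, p in db
            if (d in devices or d == ANY) and (p == port or p == ANY)]
    if hits:
        # Assumed reporting precedence among matching entries: 6, 5, 1.
        if any(p == ANY for _, p in hits):
            return "Permitted", 6   # device may log in to any port
        if any(d == ANY for d, _ in hits):
            return "Permitted", 5   # port allows any device
        return "Permitted", 1       # device is bound to this port
    if any(d in devices for d, _ in db):
        return "Denied", 2          # device is bound to other ports only
    if any(p == port for _, p in db):
        return "Denied", 7          # port is bound to other devices only
    # Neither the device nor the port appears in the active database.
    return ("Permitted", 3) if auto_learning else ("Denied", 4)


# The four requests of Table 24-2 shown on this page.
TABLE_24_2 = [(("P1", "N2"), "F1"), (("P2", "N2"), "F1"),
              (("P3", "N2"), "F1"), (("P1", "N3"), "F1")]


def check_scenario():
    return [authorize(devs, port) for devs, port in TABLE_24_2]


if __name__ == "__main__":
    for (devs, port), (decision, cond) in zip(TABLE_24_2, check_scenario()):
        print(", ".join(devs + (port,)), decision, cond)
```

The requests using P4, N4, P5, N5 and F5 in a quick check of conditions 3, 4, 5 and 7 would be constructed inputs, not rows from the guide.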