User Manual
[Note]
This command can be specified only for both LAN/SFP port and logical interface.
Any unregistered terminals will be discarded at the time when the port security function is enabled.
[Example]
Enable port security for LAN port #1.
SWR2311P(config)#interface port1.1
SWR2311P(config-if)#port-security enable
5.4.2 Register permitted MAC addresses
[Syntax]
port-security mac-address
no port-security mac-address
[Initial value]
none
[Input mode]
global configuration mode
[Description]
Registers MAC addresses that are allowed to communicate on ports for which port security has been enabled.
If this command is executed with the "no" syntax, deletes the registered address.
[Example]
Register MAC address 00:A0:DE:00:00:01 as a permitted address for LAN port #1.
SWR2311P(config)#port-security mac-address 00a0.de00.0001 forward port1.1 vlan 1
5.4.3 Set operations used for security violations
[Syntax]
port-security violation action
no port-security violation
[Parameter]
action : Operation used for port security violations
Operation mode Description
discard Discards packets
shutdown Shuts down the port
[Initial value]
port-security violation discard
[Input mode]
interface mode
[Description]
Sets the action to be taken during a port security violation for the applicable interface.
If this command is executed with the "no" syntax, the setting returns to the default.
[Note]
When restoring ports in shutdown mode that have been shut down, use the no shutdown command.
This command can be specified only for both LAN/SFP port and logical interface.
[Example]
Change the operation used for a violation on LAN port #1 to "port shutdown."
SWR2311P(config)#interface port1.1
SWR2311P(config-if)#port-security violation shutdown
162 | Command Reference |
Interface control