Chapter 31: Port Security Commands
474
SET SWITCH PORT SECURITYMODESyntax
set switch port=port
[securitymode=automatic|limited|secured|locked]
[intrusionaction=discard|trap|disable]
[learn=integer]
[participate=yes|no|on|off|true|false]
Parameters
port Specifies the port where you want to set security.
You can specify more than one port at a time.You
can specify the ports individually (for example,
5,7,22), as a range (for example, 18-23), or both (for
example, 1,5,14-22).
securitymode Specifies the port’s security mode. Options are:
automatic Disables security on the port. This is the
default setting.
limited Sets the port to the Limited security
mode. The port learns a limited number
of dynamic MAC addresses, set with the
LEARN parameter.
secured Sets the port to the Secured security
mode. The port accepts frames based
only on static MAC addresses. You must
enter the static MAC addresses of the
nodes with frames the port is to accept
after you have activated this security
mode on a port. To add static MAC
addresses, refer to ADD SWITCH
FDB|FILTER on page 178.
locked Sets the switch to the Locked security
mode. The port stops learning new
dynamic MAC addresses. The port
forwards frames based on static MAC
addresses and on those dynamic
addresses it has already learned.
Note
The online help for this command includes a “pacontrol” option for
this parameter. The option is nonfunctional.