Send documentation comments to mdsfeedback-doc@cisco.com.
31-6
Cisco MDS 9000 Family Fabric Manager Configuration Guide
OL-6965-03, Cisco MDS SAN-OS Release 2.x
Chapter 31 Port Security
Configuring Port Security Manually
Configuring Port Security Manually
Note Most tabs in the Information pane for features using CFS are dimmed until you click the CFS tab. The
CFS tab shows which switches have CFS enabled and shows the master switch for this feature. Once the
CFS tab is clicked, the other tabs in the Information pane that use CFS are activated.
To manually configure port security on any switch in the Cisco MDS 9000 Family, follow these steps:
Step 1 Identify the WWN of the ports that need to be secured.
Step 2 Secure the fWWN to an authorized nWWN or pWWN.
Step 3 Activate the port security database.
Step 4 Verify your configuration.
WWN Identification
If you decide to manually configure port security, be sure to adhere to the following guidelines:
•Identify switch ports by the interface or by the fWWN.
•Identify devices by the pWWN or by the nWWN.
•If an Nx port:
–
is allowed to login to SAN switch port Fx, then that Nx port can only log in through the specified
Fx port.
–
nWWN is bound to a Fx port WWN, then all pWWNs in the Nx port are implicitly paired with
the Fx port.
10 S2, F11 Denied 7 P10 is bound to F11.
11 P4, N4, F5 (auto-learn on) Permitted 3 No conflict.
12 P4, N4, F5(auto-learn off) Denied 4 No match.
13 S3, F5 (auto-learn on) Permitted 3 No conflict.
14 S3, F5 (auto-learn off) Denied 4 No match.
15 P1, N1, F6 (auto-learn on) Denied 2 P1 is bound to F1.
16 P5, N5, F1 (auto-learn on) Denied 7 P3 is bound to F1.
17 S3, F4 (auto-learn on) Denied 7 P3 paired with F4.
18 S1, F3 (auto-learn on) Permitted 5 No conflict.
19 P5, N3, F3 Permitted 6 Wildcard match for F3 and N3.
20 P7, N3, F9 Permitted 6 Wildcard match for N3.
Table 31-2 Authorization Results for Scenario (continued)
Scenario Device Connection Request Authorization Condition Reason