Send documentation comments to mdsfeedback-doc@cisco.com.
31-7
Cisco MDS 9000 Family Fabric Manager Configuration Guide
OL-6965-03, Cisco MDS SAN-OS Release 2.x
Chapter 31 Port Security
Configuring Port Security Manually
•TE port checking is done on each VSAN in the allowed VSAN list of the trunk port.
•All PortChannel xE ports must be configured with the same set of WWNs in the same PortChannel.
•E port security is implemented in the port VSAN of the E port. In this case the sWWN is used to
secure authorization checks.
•Once activated, the config database can be modified without any effect on the active database.
•By saving the running configuration, you save the configuration database and activated entries in the
active database. Learned entries in the active database are not saved.
Manually Configuring Port Security
To manually configure port security on a switch, follow these steps:
Step 1 Choose VSANxxx > Port Security from the Logical Domains pane. You see the port security
configuration for that VSAN in the Information pane.
Step 2 Click the Config Database tab. You see the configured port security settings for that VSAN.
Step 3 Click the Create Row icon to add an authorized port pair. You see the Create Port Security dialog box.
Step 4 Double-click the device from the available list for which you want to create the port security setting.
Step 5 Double-click the port from the available list to which you want to bind the device.
Step 6 Click Create to creating the port security setting, or click Close to close the Create Port Setting dialog
without adding a new port security setting.
Step 7 Click the CFS tab and set the command column to commit on all participating switches in the VSAN.
Step 8 Click the Apply Changes icon to save these changes or click Undo Changes to discard any unsaved
changes.
Deleting a Port Security Pair
To delete a port security setting from the configured database on a switch, follow these steps:
Step 1 Choose VSANxxx > Port Security from the Logical Domains pane. You see the port security
configuration for that VSAN in the Information pane.
Step 2 Click the Config Database tab. You see the configured port security settings for that VSAN.
Step 3 Click the row you want to delete.
Step 4 Click the Delete Row icon.You see the confirmation dialog box.
Step 5 Click Yes to delete the row, or click No to close the confirmation dialog box without deleting the row.
Step 6 Click the CFS tab and set the command column to commit on all participating switches in the VSAN.
Step 7 Click the Apply Changes icon to save these changes or click Undo Changes to discard any unsaved
changes.