Cisco Systems OL-6244-01 set port security

2-528

Catalyst 6500 Series Switch Command Reference—Release8.4

OL-6244-01

Chapter2 Catalyst 6500 Series Switch and ROM Monitor Commands

set port security

set port security

To configure port security on a port or range of ports, use the set port se c uri ty command.

set port security mod[/port...] [enable | disable] [mac_addr] [age {age_time}]

[maximum {num_ of_mac}] [shutdown {shutdown_time}] [unicast-flood {enable | disable}]

[violation {shutdown | restrict}]

set port security mod/port timer-type {absolute | inactivity}

set port security auto-configure {enable | disable}

set port security mod/port mac_addr [vlan_list]

Syntax Description mod[/port...] Number of the module and optionally, the port on the module.

enable (Optional) Enables port security or unicast flooding.

disable (Optional) Disables port security or unicast flooding.

mac_addr (Optional) Secure MAC address of the enabled port.

age age_time (Optional) Specifies the duration for which addresses on the port will be secured;

valid values are 0 (to disable) and from 1 to 1440 (minutes).

maximum

num_of_mac (Optional) Specifies the maximum number of MAC addresses to secure on the

port; valid values are from 1 to 4097.

shutdown

shutdown_time (Optional) Specifies the duration for which a port will remain disabled in case of

a security violation; valid values are 0 (to disable) and from 1 to 1440 (minutes).

unicast-flood (Optional) Specifies unicast flooding.

violation (Optional) Specifies the action to be taken in the event of a security violation.

shutdown (Optional) Shuts down the port in the event of a security violation.

restrict (Optional) Restricts packets from unsecure hosts.

mod/port Number of the module and the port on the module.

timer-type Specifies the type of aging to be applied to the autoconfigured addresses on a

per-port basis.

absolute Specifies absolute aging. See the “Usage Guidelines” section for more

information.

inactivity Specifies inactivity aging. See the “Usage Guidelines” section for more

information.

auto-configure Automatically configures all learned MAC addresses on a secure port. See the

“Usage Guidelines” section for more information.

enable Enables the automatic configuration feature.

disable Disables the automatic configuration feature.

mac_addr MAC address. See the “Usage Guidelines” section for more information.

vlan_list (Optional) VLAN or list of VLANs. See the “Usage Guidelines” section for more

information.