Configuring Locked Port Security with CLI Commands

The following table summarizes the equivalent CLI commands for configuring Locked Port security as displayed in the Port Security page.

Table 7-4. Port Security CLI Commands

CLI Command

Description

 

 

shutdown

Disables interfaces.

 

 

set interface active {ethernet interface port-

Reactivates an interface that is shutdown due to

channel port-channel-number}

port security reasons.

 

 

port security learning {disabled dynamic}

Defines the locked port type.

 

 

port security max max-addr

Specifies the number of MAC address that

 

can be learned on the port.

 

 

port security [forward discard discard-

Locks learning of new addresses on an interface.

shutdown] [trap seconds]

 

 

 

show ports security {ethernet interface port-

Displays port lock status.

channel port-channel-number}

 

 

 

The following is an example of the CLI commands:

console # show ports security

 

 

 

Port

Status

Action

Trap

Frequency

Counter

-----

-------

-------

-------

---------

--------

1/e1

locked

Discard

Enable

100

88

1/e2

locked

Discard,

Disable

 

 

 

 

Shutdown

 

 

 

1/e3

Unlocked

-

-

-

-

 

 

 

 

 

 

ACL Overview

Access Control Lists (ACL) allow network managers to define classification actions and rules for specific ingress ports. Packets entering an ingress port, with an active ACL, are either admitted or denied entry and the ingress port is disabled. If they are denied entry, the user can disable the port.

This section contians the following topics:

"Defining IP based ACLs" on page 277

"Defining MAC Based Access Control Lists" on page 283

"Defining ACL Binding" on page 286

276

Configuring Switch Information

Page 276
Image 276
Dell 3548 manual Can be learned on the port, Console # show ports security