15-4
Cisco Systems IntelligentGigabit Ethernet Switch Modules for the IBMBladeCenter, Software Configuration Guide
24R9746
Chapter15 Configuring Port-Based Traffic Control
Configuring Port Security
Beginning in privileged EXEC mode, follow these steps to define a port as a protected port:
To disable protected port, use the no switchport protected interface configuration command.
This example shows how to configure a port as a protected port:
Switch# configure terminal
Switch(config)# interface gigabitethernet0/17
Switch(config-if)# switchport protected
Switch(config-if)# end
Configuring Port Security
Note You cannot configure port security on the internal 100 Mbps management module ports.
You can use the port security feature to restrict input to an interface by limiting and identifying MAC
addresses of the stations allowed to access the port. When you assign secure MAC addresses to a secure
port, the port does not forward packets with source addresses outside the group of defined addresses.
This section includes information about these topics:
Understanding Port Security, page 15-4
Default Port Security Configuration, page 15-6
Port Security Configuration Guidelines, page 15-6
Enabling and Configuring Port Security, page 15-7
Enabling and Configuring Port Security Aging, page 15-9

Understanding Port Security

This section includes information about:
Secure MAC Addresses, page 15-5
Security Violations, page 15-5
Command Purpose
Step1 configure terminal Enter global configuration mode.
Step2 interface interface-id Specify the interface to configure, and enter interface
configuration mode.
Step3 switchport protected Configure the interface to be a protected port.
Step4 end Return to privileged EXEC mode.
Step5 show interfaces interface-id switchport Verify your entries.
Step6 copy running-config startup-config (Optional) Save your entries in the configuration file.