Configure port-security on Cisco switches

From Notes_Wiki
Revision as of 05:01, 8 January 2025 by Saurabh


We can configure port-security on a Cisco switch so that only a limited number of MAC addresses are allowed per port. This can prevent an unauthorized person from connecting to the network.

To configure port-security on Cisco switches, use the steps below:

  1. Go to enable mode and then to the interface where port-security should be configured:
    Switch> enable
    Switch# configure terminal
    Switch(config)# interface gi 1/0/__
  2. Configure the port as per your requirement. Normally port-security is applied to user ports, which are typically access ports, and not to trunk ports, which are typically connected to other switches or servers. An example configuration of a port in access mode is:
    switchport mode access
    switchport access vlan <vlan-id>
  3. Configure port-security to limit the number of MAC addresses on this port to a maximum of 1 MAC address:
    switchport port-security
    switchport port-security maximum 1
    switchport port-security mac-address sticky
    switchport port-security violation shutdown
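
To check that access ports across a switch actually carry the settings from the steps above, the following added example (not part of the original page) audits a saved running-config. The sample config and the names `interface_blocks` and `audit` are constructed for illustration; it assumes IOS omits default values from the running-config, so a missing `maximum` line is treated as 1 and a missing `violation` line as shutdown.

```python
import re

# Constructed running-config excerpt (sample data, not from the original page).
SAMPLE = """\
interface GigabitEthernet1/0/1
 switchport mode access
 switchport port-security mac-address sticky
 switchport port-security
!
interface GigabitEthernet1/0/2
 switchport mode access
!
interface GigabitEthernet1/0/3
 switchport mode access
 switchport port-security maximum 5
 switchport port-security violation restrict
 switchport port-security
!
interface GigabitEthernet1/0/24
 switchport mode trunk
"""

def interface_blocks(config):
    """Return {interface name: [sub-commands]} from running-config text."""
    stanzas = re.finditer(r"^interface (\S+)\n((?: .*\n?)*)", config, re.M)
    return {m.group(1): [c.strip() for c in m.group(2).splitlines()] for m in stanzas}

def audit(config):
    """Return {interface: [findings]} for access ports deviating from the steps above."""
    report = {}
    for name, cmds in interface_blocks(config).items():
        if "switchport mode access" not in cmds:
            continue  # trunk ports are out of scope, as in step 2
        if "switchport port-security" not in cmds:
            report[name] = ["port-security not enabled"]
            continue
        text, found = "\n".join(cmds), []
        m = re.search(r"^switchport port-security maximum (\d+)", text, re.M)
        if m and int(m.group(1)) != 1:  # assumption: absent line means default of 1
            found.append(f"maximum is {m.group(1)}, expected 1")
        v = re.search(r"^switchport port-security violation (\S+)", text, re.M)
        if v and v.group(1) != "shutdown":  # assumption: absent line means shutdown
            found.append(f"violation mode is {v.group(1)}, expected shutdown")
        if "switchport port-security mac-address sticky" not in cmds:
            found.append("sticky MAC learning not configured")
        if found:
            report[name] = found
    return report

print(audit(SAMPLE))
```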

