Cisco port security for Small Business / SG series switches

We will see how to set Cisco port security with command line on Small Business series Switch.

Configuration

Definitions

Modes

Action on Violation

Enable Port Security

Switch(config)# interface gi1/0/1
Switch(config-if)# port security mode lock
Switch(config-if)# port security discard-shutdown
Switch(config-if)# port security

Disable Port Security

Switch(config)# interface gi1/0/1
Switch(config-if)# no port security

Set MAC addresses max number

We can set the maximum number of MAC addresses the port is allowed to speak with. It can be usefull if we want to avoid personnal switches.

Switch(config)# interface gi1/0/1
Switch(config-if)# port security mode max-addresses
Switch(config-if)# port security max 2
Switch(config-if)# port security

Port Security with limited learning addresses

We can mix Lock mode and max mac addresses number

Switch(config)# interface gi1/0/1
Switch(config-if)# port security mode secure permanent
Switch(config-if)# port security max 5
Switch(config-if)# port security

Show Commands

Switch# show ports security
Switch# show ports security detailled
Switch# show ports security GigabitEthernet1/0/20
Switch# show mac address-table
Switch# show mac address-table 00:3f:bd:45:5a:b1
Switch# show mac address-table count
Switch# show mac address-table interface GigabitEthernet1/0/20
Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.

Contact :