This window is available for Catalyst 2900 XL, 2950, 3500 XL, and 3550 switches. It appears when you select Port > Port Security on the menu bar. You can also click here to launch it.
This window has these tabs:
Begin by selecting a device from the Host Name list whose security settings you want to display.
The columns in the table on this tab vary according to the selected device. The columns have these meanings.
Column | Appears for... | Meaning |
Static-Access Interface | Any selected device | Identifies static-access interfaces: FastEthernet, Gigabit Ethernet, ATM, the module or slot number (0, 1, 2), and port number. |
Security | Any selected device | Shows whether port security is enabled. |
Trap | Catalyst 2900 XL and 3500 XL only | Specifies a trap (alert) as the violation action. The trap is sent to the management station you defined as the trap manager in the SNMP Management window. |
Shutdown | Catalyst 2900 XL and 3500 XL only | Specifies that the port will be disabled if a violation occurs. |
Secure Address Count | Any selected device | Displays the number of secure addresses that are defined for the port. This field is read-only. You must configure a secure port with at least one address. |
Maximum Secure Address Count | Any selected device | Modifies the number of secure addresses that can be associated with this port. You can enter a number from 1 to 132 for Catalyst 2900 XL, 2950, and 3500 XL switches and from 1 to 128 for Catalyst 3550 switches. Entering 1 means that one station has the full bandwidth of the port. By default, this field is set to the maximum number when security is enabled for the port. |
Security Reject Count | Any selected device | Displays the number of unauthorized addresses that have arrived on this port. This field is read-only. When a secured port receives a packet with an address that is not associated with it, the switch does not forward the packet and can generate a trap or disable the port. |
Action | Catalyst 2950 and 3550 only | Specifies the violation mode for the port as
one of these:
|
To enable port security and define actions for address violations:
Note: To fully secure a port, you can disable flooding to the port from the Flooding Control window. To display this window, select Port > Flooding Controls.
To add a secure address:
To modify a secure address:
To remove a secure MAC address from the Secure Address table, select the address and click Remove. To remove multiple secure addresses from the Secure Address tab, press Ctrl, select the addresses, and click Remove.
To clear the entire Secure Address table, click Clear All.