Cisco IOS Basic CLI Configuration : Switch Port Command

Cisco IOS Basic CLI Configuration : Switch Port Command

1.  Basic

 

Switch>en

Switch#conf t

Enter configuration commands, one per line.  End with CNTL/Z.

Switch(config)#interface vlan 1

Switch(config-if)#ip address 192.168.1.200 255.255.255.0

Switch(config-if)#no shutdown

Switch(config-if)#

%LINK-5-CHANGED: Interface Vlan1, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to up

Switch(config-if)#exit

Switch(config)#ip default-gateway 192.168.1.1

Switch(config)#

Switch#conf t

Enter configuration commands, one per line.  End with CNTL/Z.

Switch(config)#interface fastethernet0/1

Switch(config-if)#duplex auto

Switch(config-if)#speed 10

Switch(config-if)#description PC1 connected

Switch(config-if)#exit

Switch(config)#interface range fastethernet 0/10 - 20

Switch(config-if-range)#description hello world

Switch(config-if-range)#exit

Switch(config)#exit

Switch#

%SYS-5-CONFIG_I: Configured from console by console

Switch#

2.  Port Security

Switch>en

Switch#conf t

Enter configuration commands, one per line.  End with CNTL/Z.

Switch(config)#interface fastethernet0/1

Switch(config-if)#switchport mode access

Switch(config-if)#switchport port-security

Switch(config-if)#switchport port-security maximum 1

Switch(config-if)#switchport port-security mac-address 0060.70e5.cdd1

Switch(config-if)#switchport port-security violation shutdown

Switch(config-if)#exit

Switch(config)#

Switch(config)#int fast0/2

Switch(config-if)#switchport mode access

Switch(config-if)#switchport port-security

Switch(config-if)#switchport port-security maximum 1

Switch(config-if)#switchport port-security mac-address sticky

Switch(config-if)#switchport port-security violation protect

Switch(config-if)#exit

Switch(config)#

Switch#show port-security interface fastethernet0/2

Port Security              : Enabled

Port Status                : Secure-up

Violation Mode             : Protect

Aging Time                 : 0 mins

Aging Type                 : Absolute

SecureStatic Address Aging : Disabled

Maximum MAC Addresses      : 1

Total MAC Addresses        : 1

Configured MAC Addresses   : 0

Sticky MAC Addresses       : 1

Last Source Address:Vlan   : 0004.9A36.D069:1

Security Violation Count   : 0

Switch#show port-security interface fastethernet0/1

Port Security              : Enabled

Port Status                : Secure-up

Violation Mode             : Shutdown

Aging Time                 : 0 mins

Aging Type                 : Absolute

SecureStatic Address Aging : Disabled

Maximum MAC Addresses      : 1

Total MAC Addresses        : 1

Configured MAC Addresses   : 1

Sticky MAC Addresses       : 0

Last Source Address:Vlan   : 0060.70E5.CDD1:1

Security Violation Count   : 0

3.  Port Security Actions

 

1.Note that the shutdown option does not actually add the shutdown subcommand to the interface configuration. Instead, IOS puts the interface in an error disabled (err-disabled) state, which makes the switch stop all inbound and outbound frames. To recover from this state, someone must manually disable the interface with the shutdown interface command and then enable the interface with the no shutdown command.

2. Port security does not save the configuration of the sticky addresses, so use the copy running-config startup-config command if desired.