Switchport MAC Max 1 behavior
KPWright
Folks,
My references aren't particularly clear (or I can't tell that they are) with respect to port security.
Can anyone confirm the behavior of a switch port when the following is invoked:
Switch(config-if)# switchport port-security maximum 1
Switch(config-if)# switchport port-security
Specifically, does the port simply restrict connections to a single MAC at a time (i.e. no additional distribution) or does it capture the first MAC connected and only allow that one (pending initialization)? Assume nothing is done with "Sticky".
Thanks for the help.
Kevin
Comments
laidbackfreak
"switchport port-security maximum 1"
This command will allow 1 MAC address to use the port; all others will be denied.
The "sticky" option will retain it and add it to the running config.
If you haven't saved the config, on reboot the "sticky" will have to re-learn them.
hth
ColbyG
The default behavior is to shut the port down. If you want the port to stay up, but prevent more than one MAC at a time you would use "protect" or "restrict". We use restrict on all of our ports here.
KPWright
Thanks for the feedback.
I did manage to find a place to lab this out later in the evening. Looks like the port will be secured for the first MAC seen connected once the port-security command is invoked. So if multiple hosts are connected, the first one to transmit wins. Clearing this does not require shutdown of the switch, but does require shut / no shut on the interface before another MAC can be captured.
Thanks again.
Kevin
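The behavior discussed in this thread, as an added example that is not part of any poster's message: a simplified Python model of a port with "maximum 1" and dynamically learned (non-sticky) addresses under the three violation modes. The class, method names and MAC addresses are constructed for illustration, and the rule that "protect" drops without counting the violation comes from Cisco's documented behavior, not from the thread.

```python
# Simplified model of port security with dynamic (non-sticky) secure MACs.
# All names here are hypothetical; this is not switch code.
class SecurePort:
    MODES = ("shutdown", "restrict", "protect")  # shutdown is the default

    def __init__(self, maximum=1, violation="shutdown"):
        if violation not in self.MODES:
            raise ValueError(f"unknown violation mode: {violation}")
        self.maximum = maximum
        self.violation = violation
        self.secure_macs = []      # learned in order of first frame seen
        self.violation_count = 0
        self.err_disabled = False

    def receive(self, src_mac):
        """Return 'forward' or 'drop' for a frame with this source MAC."""
        mac = src_mac.lower()
        if self.err_disabled:
            return "drop"                      # port stays down until bounced
        if mac in self.secure_macs:
            return "forward"
        if len(self.secure_macs) < self.maximum:
            self.secure_macs.append(mac)       # first host to transmit wins
            return "forward"
        # Violation: unknown source MAC while the secure table is full.
        if self.violation != "protect":        # protect drops silently
            self.violation_count += 1
        if self.violation == "shutdown":
            self.err_disabled = True
        return "drop"

    def bounce(self):
        """shut / no shut: clears err-disable and the dynamic secure MACs."""
        self.err_disabled = False
        self.secure_macs.clear()

def replay(port, frames):
    """Feed source MACs to the port and return the per-frame verdicts."""
    return [port.receive(mac) for mac in frames]

# Constructed sample traffic: host A transmits first, then host B appears.
HOST_A, HOST_B = "0000.1111.aaaa", "0000.2222.bbbb"

if __name__ == "__main__":
    for mode in SecurePort.MODES:
        p = SecurePort(violation=mode)
        print(mode, replay(p, [HOST_A, HOST_B, HOST_A]), p.violation_count)
```

In the default mode the second host takes the port down for everyone, including the first host, which is why "restrict" is often preferred on user-facing ports.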