cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
jrhodes_iwerk
New Contributor

enabling port security and function

Jump to solution

Hello,

I am more familiar with Cisco on this but here goes.

I have a location in which security needs to be handled properly. I need a way to get learned mac addresses in or limit the amount of mac addresses that a port can learn. There really only needs to be two macs per port but we are trying to limit the amount of information gathering on our team.

Is there a way to configure this?

We have a 2 1638s as well as 3 1544 (I believe).

We will move to 802.1x authentication once we have a new server but this is only in the planning stage and need to implement some port security. Thank you!

Labels (1)
0 Kudos
1 Solution

Accepted Solutions
Anonymous
Not applicable

Re: enabling port security and function

Jump to solution

Hi jrhodes_iwerk:

Thank you for posting your question in the Support Community.  The guide Configuring Port Access Control in AOS is excellent and includes very good explanations of the options, with GUI and CLI examples.  Perhaps the following would match what you're trying to accomplish:


Switch (config)#interface gigabit-switchport 0/1


Switch (config-giga-swx 0/1)#switchport port-security


Switch (config-giga-swx 0/1)#switchport port-security sticky


This will remember the first learned MAC address until the next reboot.  Alternately, switchport port-security sticky-volatile will make the sticky MAC addresses persist across a reboot.

To apply port security to a range of interfaces at once:


Switch (config)#interface range gigabit-switchport 0/1-48


Switch (config-giga-swx 0/1-48)#switchport port-security


Switch (config-giga-swx 0/1-48)#switchport port-security sticky


Best,

Chris

View solution in original post

0 Kudos
2 Replies
Anonymous
Not applicable

Re: enabling port security and function

Jump to solution

Hi jrhodes_iwerk:

Thank you for posting your question in the Support Community.  The guide Configuring Port Access Control in AOS is excellent and includes very good explanations of the options, with GUI and CLI examples.  Perhaps the following would match what you're trying to accomplish:


Switch (config)#interface gigabit-switchport 0/1


Switch (config-giga-swx 0/1)#switchport port-security


Switch (config-giga-swx 0/1)#switchport port-security sticky


This will remember the first learned MAC address until the next reboot.  Alternately, switchport port-security sticky-volatile will make the sticky MAC addresses persist across a reboot.

To apply port security to a range of interfaces at once:


Switch (config)#interface range gigabit-switchport 0/1-48


Switch (config-giga-swx 0/1-48)#switchport port-security


Switch (config-giga-swx 0/1-48)#switchport port-security sticky


Best,

Chris

0 Kudos
Anonymous
Not applicable

Re: enabling port security and function

Jump to solution

I went ahead and flagged the "Correct Answer" on this post to make it more visible and help other members of the community find solutions more easily. If you don't feel like the answer I marked was correct, feel free to come back to this post to unmark it and select another in its place with the applicable buttons.  If you have any additional information on this that others may benefit from, please come back to this post to provide an update.  If you still need assistance, we would be more than happy to continue working with you on this - just let us know in a reply.

Thanks,

Noor