Filter
Top Products
Security
Port Security
Cisco Small Business SG200 Series 8-port Smart Switch 156
10
• Interface Status—Select Lock to enable port security on the interface.
When an interface transitions from unlocked to locked, all addresses that
had been dynamically learned by the switch on that port are removed from
its MAC address list.
• Max No. of Static MAC Addresses—Specify the maximum number of static
secure MAC addresses at the port/LAG. Static secure MAC address are
configured on the Static Addresses page. The total number of secure
addresses cannot exceed 256.
• Max No. of Dynamic MAC Addresses—Specify the maximum number of
dynamic secure MAC addresses that can be learned from the port/LAG. The
total number of secure addresses cannot exceed 256.
When port-security is enabled on a port, and static or dynamic limits are set
to new values, the following rules apply:
- If the new value is greater than the old value, no action is taken for either
the dynamic or static addresses.
- If the new value is less than the old value, the following actions are taken:
Dynamic Addresses—The switch initiates a flush of all learned
addresses on the port.
Static Addresses—The switch retains the static addresses (up to the
static limit) regardless of whether the addresses are configured as
secure, permanent, or delete on timeout. It then deletes the remaining
static addresses from the MAC address table.
• Action on Violation—Select how the switch handles incoming packets that
are not allowed on the locked port:
- Discard—Packets are dropped.
- Forward—Packets are forwarded, but the source MAC addresses are
not added to the forwarding database.
- Shutdown—Packets are discarded and the port is shut down.
• Trap Frequency—Specify the number of seconds between traps when a
locked port receives incoming packets that are not allowed on the port. This
field displays only when the Action of Violation field is set to Discard with
Trap.
• Convert dynamic addresses to static—Select Enable to convert all
dynamic secure MAC addresses to static secure MAC addresses.