Unsolved
1 Rookie
•
31 Posts
0
927
June 29th, 2022 10:00
S4128T-ON how to enable port security
I cannot figure out how to set MAC based port security on this switch.
I am running OS version 10.4.0E (R3.233).
Will an upgrade to the OS enable this functionality or am I missing it?
This is what I'm doing:
Login as admin
conf t
interface ethernet 1/0/5
I'm trying port {tab complete} and the only option I have is port channel.
I looked at switchport from this level and it is only access, trunk and something else that wasn't relevant to port security.
No Events found!
DELL-Young E
Moderator
•
5.1K Posts
0
June 29th, 2022 22:00
Hi,
First you need to enable port-security on global mode to configure port-security
OS10(config)# switchport port-security
OS10(config-if-eth1/1/x)# switchport port-security
OS10# configure terminal
OS10(config)#interface ethernet 1/1/1
OS10(config-if-eth1/1/1)#switchport port-security
OS10(config-if-port-sec)# no disable
OS10(config-if-port-sec)#mac-learn limit 100
OS10# configure terminal
OS10(config)#interface ethernet 1/1/1
OS10(config-if-eth1/1/1)#switchport port-security
OS10(config-if-port-sec)#no disable
OS10(config-if-port-sec)#mac-learn limit 100
OS10(config-if-port-sec)#mac-learn limit violation shutdown
OS10# configure terminal
OS10(config)#interface ethernet 1/1/1
OS10(config-if-eth1/1/1)#switchport port-security
OS10(config-if-port-sec)#no disable
OS10(config-if-port-sec)#mac-learn limit 100
OS10(config-if-port-sec)#mac-move allow
NOTE The configured MAC address becomes secure MAC address only if you enable the port security feature on the interface.
OS10# configure terminal
OS10(config)#interface port-channel 1
OS10(conf-if-po-1)#switchport port-security
OS10(config-if-port-sec)#no disable
OS10(config-if-po-1)#exit
OS10(config)# mac address-table static 03:ab:cd:21:ba:01 vlan 1 interface port-channel 1
OS10# clear mac address-table secure sticky vlan 1
OS10#clear mac address-table secure sticky interface port-channel 128
OS10#clear mac address-table secure sticky address 00:00:00:00:00:01 vlan 100
OS10# show mac address-table secure sticky
os10# show mac address-table secure dynamic
os10# show mac address-table secure static
->this is the commands sets to configure port-security.
Also Only supported in Standalone switch setup
1 Attachment
06fe389c-7d44-47aa-b5b1-f644c7730841-773886398.png
bweddell
1 Rookie
•
31 Posts
0
June 30th, 2022 09:00
Thank you for the detailed reply. I don't have port-security as an option under switchport.
I am running OS version 10.4.0E (R3.233).
Is port-security part of that version? Let me know if it isn't so I can arrange to have someone update the OS version.
DELL-Chris H
Moderator
•
9.4K Posts
0
June 30th, 2022 10:00
Bweddell,
I think the issue is due to version, from what I see the command is present in 10.5, but isn't in the 10.4 version you're running. I would suggest updating and then let us know if it works on 10.5.
Hope this helps.