How To Enable Or Disable Port Security On A Cisco Switch
Enabling Port Security
Enabling port security and MAC sticky ports is an easy way to add some security to your network. It associates a device (PC, printer, etc.) with a port on the switch. The specified device will be assigned an IP address and function normally, but any other device plugged into the same port will not be assigned an IP address, and will not function on the network.
To begin, telnet into the switch and input the password.
Type "en" or "enable" and put in the password again.
The ">" prompt should now change to "#"
Type in "config t" and press enter. This will change the prompt to (config)#
Specify the port you wish to change. For example, "int fa0/5" would specify port 5 on the switch.The prompt should now read (config-if)#
Enter in the following commands:
switchport mode access
switchport port-security violation protect
switchport port-security mac-address sticky
The port will now only grant network access to the device currently plugged into it (based on its MAC address.) Any other device plugged into it will not be assigned an IP address without releasing the security on the port.
From the (config-if)# prompt, type "exit"
From the (config)# prompt, type "exit"
Verify that the device is currently working.
At the # prompt, type "copy running-config startup-config" This will save the change.
Disabling Port Security
Disabling port security is necessary to plug a new device into the switch. Port security will be disabled, the new device will be plugged in (and allowed to obtain an IP address,) and then port security will be enabled again.
To disable port security, follow the same steps as for enabling, with one exception. After specifying the port to make changes to, the following commands will be entered:
No switchport port-security
No switchport port-security violation protect
No switchport port-security mac-address sticky
No switchport mode access
These are the same commands as were used to enable port security, with the addition of "no" in front of each line. This tells the switch not to use the security options.
More by this Author
File permissions in Unix are a bit different from Windows. When we set the permissions for a file, we will be granting access to three different entities: user, group, and other. The user is whichever specific user...
This tutorial assumes that you already have Hyperic HQ software unpacked and installed on your system. Further, it assumes that you created a user named "hyperic" to install the software. If you used a...