ArtsAutosBooksBusinessEducationEntertainmentFamilyFashionFoodGamesGenderHealthHolidaysHomeHubPagesPersonal FinancePetsPoliticsReligionSportsTechnologyTravel
  • »
  • Technology»
  • Computers & Software»
  • Computer How-Tos & Tutorials

How To Enable Or Disable Port Security On A Cisco Switch

Updated on July 10, 2011

Enabling Port Security

Enabling port security and MAC sticky ports is an easy way to add some security to your network. It associates a device (PC, printer, etc.) with a port on the switch. The specified device will be assigned an IP address and function normally, but any other device plugged into the same port will not be assigned an IP address, and will not function on the network.

To begin, telnet into the switch and input the password.

Type "en" or "enable" and put in the password again.

The ">" prompt should now change to "#"

Type in "config t" and press enter. This will change the prompt to (config)#

Specify the port you wish to change. For example, "int fa0/5" would specify port 5 on the switch.The prompt should now read (config-if)#

Enter in the following commands:

switchport mode access
switchport port-security
switchport port-security violation protect
switchport port-security mac-address sticky

The port will now only grant network access to the device currently plugged into it (based on its MAC address.) Any other device plugged into it will not be assigned an IP address without releasing the security on the port.

From the (config-if)# prompt, type "exit"

From the (config)# prompt, type "exit"

Verify that the device is currently working.

At the # prompt, type "copy running-config startup-config" This will save the change.

Disabling Port Security

Disabling port security is necessary to plug a new device into the switch. Port security will be disabled, the new device will be plugged in (and allowed to obtain an IP address,) and then port security will be enabled again.

To disable port security, follow the same steps as for enabling, with one exception. After specifying the port to make changes to, the following commands will be entered:

No switchport port-security
No switchport port-security violation protect
No switchport port-security mac-address sticky
No switchport mode access

These are the same commands as were used to enable port security, with the addition of "no" in front of each line. This tells the switch not to use the security options.


    0 of 8192 characters used
    Post Comment

    • profile image

      Manimaran 4 years ago

      I clearly understand an thanks

    • imran205 profile image

      imran205 4 years ago

      Thanks buddy

    • profile image

      mayhem 6 years ago


    • profile image

      Leo 6 years ago