switch(config)#aaa authorization commands 15 vty-in group acsserver local if-authenticated /为15级用户定义vty-in授权列表,优先依次为ACS Server,local授权 switch(config)#line vty 0 15 switch(config-line)#access-class 18 in /在线路模式下调用前面定义的标准ACL 18 switch(config-line)#ex...
2. Port Security Switch>en Switch#conf t Enter configuration commands, one per line. End with CNTL/Z. Switch(config)#interface fastethernet0/1 Switch(config-if)#switchport mode access Switch(config-if)#switchport port-security Switch(config-if)#switchport port-security maximum 1 Switch(config-i...
Related Commands Command Description clear eap sessions Clears EAP session information for the switch or for the specified port. show eou To display information about Extensible Authentication Protocol over User Datagram Protocol (EAPoUDP) global values or EAPoUDP session cache entries, use the sho...
(config-if)# switchport port-security maximun {最大MAC地址数} 设定允许访问的MAC地址。也可配为自动学习MAC地址 (config-if)# switchport port-security mac-address {mac-address ...} //设置允许访问本端口的MAC地址 (config-if)#switchport security aging time {time} //设置端口自动学习MAC地址所持续的...
Switch(config-if)# switchport port-security aging time 10 Switch(config-if)# switchport port-security aging type inactivity To restrict a port dynamically on a Catalyst 3550 switch use the following Cisco Switch Port Security commands. Note that the aging commands cannot be used with sticky MAC ...
switch interface. The DHCP security features, such as dynamic ARP inspection or IP source guard, can still be enabled on the aggregation switch while the switch receives packets with option-82 information on untrusted input interfaces to which hosts are conn...
理解端口安全:当你给一个端口配置了最大安全mac 地址数量,安全地址是以一下方式包括在一个地址表中的:·你可以配置所有的mac 地址使用switchport port-security mac-address ,这个接口命令。·你也可以允许动态配置安全mac 地址,使用已连接的设备的mac 地址。·你可以配置一个地址的数目且允许保持动态配置。注意...
Switch(config-if)#no switchport Switch(config-if)#ip address 10.20.1.1 255.255.255.0 Switch(config-if)#no shutdown Switch(config-if)#end Switch# Switch#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Switch(config)#line vty 0 15 Switch(config-line)#login...
DAI和portsecurity在级联上层交换机的trunk下switch(config)#intgix/x/xswitch(config-if)#swmodetrunkswitch(config-if)#swtrunkencapsdot1qswitch(config-if)#swtrunkallowedvlanx-xswitch(config-if)#spanning-treeguardloop/启用环路保护功能,启用loopguard时自动关闭rootguard接终端用户的端口上设定switch(config)...
The “show cdp entry *”command is the same asshow cdp nei detail. However, on a router or switch, typeshow cdp entry * ?and you’ll see there are two helpful subcommands you can use. Cisco CCNP SWITCH show cdp neighbors Field Descriptions: ...