Ethernet Switches & Routers

Reply
Occasional Contributor
Posts: 8
Registered: ‎07-07-2017

need to configure port security on a Brocade icx6430-24 port switch to learn only 1 mac address

Need help to configure port security, I have tried many things and the switch still does not shut down the port when the ethernet cable is plugged into a different computer. We want to be configured in a way that the port will only learn a max of 1 mac address and shutdown permanently if pluged into a different computer. However, it does not do what the commands are ordering to do. It does not record a violation in the stats and therefore does not shut down.

 

Please any help will be appreciated.

Brocade Moderator
Posts: 226
Registered: ‎06-30-2010

Re: need to configure port security on a Brocade icx6430-24 port switch to learn only 1 mac address

Hi,

 

Could you please provide the configuration that you have applied to enable port security?

 

Regards

Mick

 

 


If my response has solved your query please click the "Accept as Solution" button.

Any and all information provided by me is not reviewed, approved or endorsed by Brocade and is provided solely as a convenience for Brocade customers.

All systems and all networks are different and unique. If you have a service affecting network problem, please open a TAC service request for service through Brocade, or through your OEM equipment provider.
Frequent Contributor
Posts: 120
Registered: ‎07-20-2015

Re: need to configure port security on a Brocade icx6430-24 port switch to learn only 1 mac address

Occasional Contributor
Posts: 8
Registered: ‎07-07-2017

Re: need to configure port security on a Brocade icx6430-24 port switch to learn only 1 mac address

Hello and thank you for responding,

 

This what the current config says on port 1/1/7

 

interface ethernet 1/1/7

port security

enable

 

As of now there is no mac address recorded or saved because nothing is plugged in and used the clear command to remove recorded mac addresses.

 

What I am asked to do is to program this and other 2 ports to learn only one mac address without having to enter one manually, and once the port has learned one mac address; set the violation to shut the port down in a second mac is detected.

 

However, when I plug into a second device the port does not shutdown and no violation is recorded when accessing the port security mac stat command.

 

Your assistance is greatly appreciated.

 

 

External Moderator
Posts: 4,929
Registered: ‎02-23-2004

Re: need to configure port security on a Brocade icx6430-24 port switch to learn only 1 mac address

@NETWizz

 

the config guide is for NOS based Platforms ( VDX Series )

 

---->>>This is probably what you want:

TechHelp24
Occasional Contributor
Posts: 8
Registered: ‎07-07-2017

Re: need to configure port security on a Brocade icx6430-24 port switch to learn only 1 mac address

Thank you for respodning,

 

I really appreciate your help, but wha they want me to configure is for the port to automatically save the mac address as secure and not having to input manually since I have many other switches to configure for port security.

 

Thanks,

 

Miguel

Highlighted
Brocade Moderator
Posts: 96
Registered: ‎02-04-2015

Re: need to configure port security on a Brocade icx6430-24 port switch to learn only 1 mac address

Hi Miguel,

 

The port security command should have taken you to a sub configuration mode where you can specify the number of MAC addresses you want to allow on the interface. In your case that would be 1. Please refer to the example below

 

device(config)#interface ethernet 1/7/11
device(config-if-e1000-1/7/11)#port security
device(config-port-security-e1000-1/7/11)#enable

device(config-port-security-e1000-1/7/11)#maximum 1

 

You then can specify an action to be taken when a violation occurs by either dropping packets using command "violation restrict", or disabing the interface with "violation shutdown"

 

Lastly, you can make the switch save the learned MAC addresses for when the switch gets rebooted

 

device(config)#port security
device(config-port-security)#autosave 20

 

Please refer to the security guide below for further information.

 

http://www.brocade.com/content/html/en/configuration-guide/fastiron-08030b-securityguide/index.html

 

Hope this helps addressing your concern

 

Kind Regards,

Os

 

Any and all information provided by me is not reviewed, approved or endorsed by Brocade and is provided solely as a convenience for Brocade customers.

All systems and all networks are different and unique. If you have a service affecting network problem, please open a TAC service request for service through Brocade, or through your OEM equipment provider. If this provided you with a solution to this issue, please mark it with the button at the bottom "Accept as solution" .

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.