Ethernet Switches & Routers

Reply
New Contributor
Posts: 2
Registered: ‎06-17-2011

set more then one secure mac address on an interface

i´ve a brocade fws648 fast iron and port security is enable, and the maximum of secure mac addresses for the interfaces is 10.

i´ve two host, host 1 with mac adress x.x.x.x and host b with mac address y.y.y.y. i try to configure port security with secure-mac-address so that only host 1 and host 2 can connect on all ports but no other host.

is it not possible to configure secure-mac-address on a vlan or on all ports ?

when i configure secure-mac-address on port 0/1/2, i can set secure-mac-address at  mac x.x.x.x and it´s running. but when i try to set secure-mac-address on port 0/1/2 at mac y.y.y.y. i get an error message "...already exist on port ....". how can i set more than one secure-mac-address on a port.

Super Contributor
Posts: 1,087
Registered: ‎12-13-2009

Re: set more then one secure mac address on an interface

Hi ITH,

     I did a test on one of my switch 4.2.00c code level.

     The below worked for me

Switch(config-if-e10000-20)#port security
Switch(config-port-security-e100-20)#max 10

Switch(config-port-security-e100-20)#secure-mac-address 1111.2222.3333

Switch(config-port-security-e100-20)#secure-mac-address 1111.2222.3334

Switch(config-port-security-e100-20)#secure-mac-address 1111.2222.3335

show run gives below

!
interface ethernet 20
port security
  maximum 10
  secure-mac-address 1111.2222.3334 10
  secure-mac-address 1111.2222.3335 10
  secure-mac-address 1111.2222.3333 10
!

To do multipul port

Switch(config)#interface ethernet 1 to 48

Switch(config-if-1 to 48)#port security

etc

Thanks

Michael

New Contributor
Posts: 2
Registered: ‎06-17-2011

Re: set more then one secure mac address on an interface

hello michael,

i try it , but it doesn´t run.

i configure multiple port (int eth 0/1/2 to 0/1/40) and enable port security, set max3 and violation res.

when i try to add secure-mac-address (config-port-security 0/1/2-0/1/48) i get an error message "must enter interface config level to config secure mac".

when i change to the interf config level (int eth 0/1/11) to set secure-mac-address from a mac that is already configure at port 0/1/23 i get an error message "mac address ...vlan1 is secure on another port 0/1/23 error could not add sec mac to port 0/1/11.

so i can´t set the sec mac adr from 2 hosts at all ports.

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.

vADC is now Pulse Secure
Download FREE NVMe eBook