Ethernet Switches & Routers

Reply
New Contributor
Posts: 2
Registered: ‎06-17-2011

set more then one secure mac address on an interface

i´ve a brocade fws648 fast iron and port security is enable, and the maximum of secure mac addresses for the interfaces is 10.

i´ve two host, host 1 with mac adress x.x.x.x and host b with mac address y.y.y.y. i try to configure port security with secure-mac-address so that only host 1 and host 2 can connect on all ports but no other host.

is it not possible to configure secure-mac-address on a vlan or on all ports ?

when i configure secure-mac-address on port 0/1/2, i can set secure-mac-address at  mac x.x.x.x and it´s running. but when i try to set secure-mac-address on port 0/1/2 at mac y.y.y.y. i get an error message "...already exist on port ....". how can i set more than one secure-mac-address on a port.

Super Contributor
Posts: 1,087
Registered: ‎12-13-2009

Re: set more then one secure mac address on an interface

Hi ITH,

     I did a test on one of my switch 4.2.00c code level.

     The below worked for me

Switch(config-if-e10000-20)#port security
Switch(config-port-security-e100-20)#max 10

Switch(config-port-security-e100-20)#secure-mac-address 1111.2222.3333

Switch(config-port-security-e100-20)#secure-mac-address 1111.2222.3334

Switch(config-port-security-e100-20)#secure-mac-address 1111.2222.3335

show run gives below

!
interface ethernet 20
port security
  maximum 10
  secure-mac-address 1111.2222.3334 10
  secure-mac-address 1111.2222.3335 10
  secure-mac-address 1111.2222.3333 10
!

To do multipul port

Switch(config)#interface ethernet 1 to 48

Switch(config-if-1 to 48)#port security

etc

Thanks

Michael

New Contributor
Posts: 2
Registered: ‎06-17-2011

Re: set more then one secure mac address on an interface

hello michael,

i try it , but it doesn´t run.

i configure multiple port (int eth 0/1/2 to 0/1/40) and enable port security, set max3 and violation res.

when i try to add secure-mac-address (config-port-security 0/1/2-0/1/48) i get an error message "must enter interface config level to config secure mac".

when i change to the interf config level (int eth 0/1/11) to set secure-mac-address from a mac that is already configure at port 0/1/23 i get an error message "mac address ...vlan1 is secure on another port 0/1/23 error could not add sec mac to port 0/1/11.

so i can´t set the sec mac adr from 2 hosts at all ports.

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.

Download FREE NVMe eBook