Switchport Port-Security Violation Command on CISCO Router/Switch


Switchport Port-Security Violation


Sets the action that occurs to the switch port when a violation is triggered.

The violation types are:

Protect: Ignores all traffic on the interface 
Ignores all traffic on the interface, but sends SNMP trap. 
Shutdown (default):
 Shuts the port down and does not allow device to connect.


Switch(config-if)#switchport port-security violation <Type>


For this example, the port-security violation type is set to restrict on int fa0/2 on SW3.

SW3#conf t
Enter configuration commands, one per line. End with CNTL/Z.
SW3(config)#int fa0/2
SW3(config-if)#switchport port-security violation restrict

Next, the port-security settings are displayed for int fa0/2, with the new changes.

SW3(config)#int fa0/2
SW3(config-if)#do show port-sec int fa0/2
Port Security : Enabled
Port Status : Secure-shutdown
Violation Mode : Restrict
Aging Time : 0 mins
Aging Type : Absolute
SecureStatic Address Aging : Disabled
Maximum MAC Addresses : 1
Total MAC Addresses : 1
Configured MAC Addresses : 1
Sticky MAC Addresses : 0
Last Source Address:Vlan : 1234.5678.489d:1
Security Violation Count : 1

Inline Feedbacks
View all comments