Chapter 1
Configuring Port Security
S e n d f e e d b a c k t o n x 5 0 0 0 - d o c f e e d b a c k @ c i s c o . c o m
Table 1-1
Condition Device (pWWN, nWWN, sWWN)
3
4
5
6
7
Authorization Scenario
Assume that the port security feature is activated and the following conditions are specified in the active
database:
•
•
•
•
•
•
•
•
Table 1-2
listed refer to the conditions from
Table 1-2
Device Connection Request
P1, N2, F1
P2, N2, F1
P3, N2, F1
P1, N3, F1
P1, N1, F3
P1, N4, F5
P5, N1, F5
P3, N3, F4
S1, F10
OL-16597-01
Authorized Auto-Learning Device Requests (continued)
Not configured
Configured or not configured
Configured to log in to any switch port Any port on the switch
Not configured
A pWWN (P1) is allowed access through interface fc2/1 (F1).
A pWWN (P2) is allowed access through interface fc2/2 (F1).
A nWWN (N1) is allowed access through interface fc2/2 (F2).
Any WWN is allowed access through interface vfc3/1 (F3).
A nWWN (N3) is allowed access through any interface.
A pWWN (P3) is allowed access through interface fc2/4 (F4).
A sWWN (S1) is allowed access through interface fc3/1-3 (F10 to F13).
A pWWN (P10) is allowed access through interface vfc4/1 (F11).
summarizes the port security authorization results for this active database. The conditions
Authorization Results for Scenario
Requests Connection to
A switch port that is not
configured
A switch port that allows
any device
A port configured with
some other device
Table
1-1.
Authorization Condition
Permitted
1
Permitted
1
Denied
2
Permitted
6
Permitted
5
Denied
2
Denied
2
Permitted
1
Permitted
1
Cisco Nexus 5000 Series Switch CLI Software Configuration Guide
Authorization
Permitted if
auto-learning
enabled
Denied if
auto-learning
disabled
Permitted
Permitted
Denied
Reason
No conflict.
No conflict.
F1 is bound to P1/P2.
Wildcard match for N3.
Wildcard match for F3.
P1 is bound to F1.
N1 is only allowed on F2.
No conflict.
No conflict.
Auto-Learning
1-9