switchport port-security violation

To set the action to be taken when a security violation is detected, use the switchport port-security violation command. To revert to the default settings, use the no form of this command.

switchport port-security violation { protect | restrict | shutdown }

no switchport port-security violation { protect | restrict | shutdown }

Syntax Description

protect
Drops all the packets from the insecure hosts at the port-security process level but does not increment the security-violation count.
restrict
Drops all the packets from the insecure hosts at the port-security process level and increments the security-violation count.
shutdown
Shuts down the port if there is a security violation.

Command Default

shutdown

Command Modes

Interface configuration mode

Command History

Release
Modification
5.1(3)N1(1)
This command was introduced.

Usage Guidelines

This command does not require a license.

Examples

This example shows how to configure the port security violation mode on a port:

switch# configure terminal
switch(config)# interface ethernet 1/5
switch(config-if)# switchport port-security violation protect
switch(config-if)#
 

This example shows how to set the port security violation mode on a port to the default value:

switch# configure terminal
switch(config)# interface ethernet 1/5
switch(config-if)# no switchport port-security violation protect
switch(config-if)#
 

Related Commands

Command
Description
show port-security
Displays the port security configuration information.