Solved: Re: Set default port-security value

PietroPoliseno27977 · ‎05-04-2020

Hi everyone I have two questions 1) I wanted to know is there a command to reset the port-security configuration to the default settings? When I disable port-security and go to show port-security I review the previous configuration I would like to reset it. 2) For educational purposes if I first enabled port-security for two mac-addresses then later always for testing I use port-security maximum 8, at this point what happens? can up to 8 mac devices be connected regardless of address? That is, overwrite the previous restriction of the two macs?

Dan Lukes · ‎05-04-2020

Off-topic here (Additional Communities).

You mentioned no switch model you are speaking of.

Read Configuring Port Security

Generally, most commands have "no *" form that revers effect of the command. E.g. if you used "switchport port-security" to enable port security, use "no switchport port-security" to disable it.

View solution in original post

PietroPoliseno27977 · ‎05-04-2020

No I wanted to know how to cancel the configuration do not disable. Disabling it does not cancel the configuration of the two macs set in port-security I did the test. In the meantime, however, I did some tests and found the answers 1) from enable mode, use the clear port-security command and all the All configuration and other options appear. This interested me to know. 2) setting the maximum overwrites any previous policy on restrictions, for example 2 mac. So if I set maximum 8 and previously there was a restriction on only 2 macs with maximum 8 it makes me filter frames up to 8 macs overwriting the previous configuration.

View solution in original post

Dan Lukes · ‎05-04-2020

There's no difference between removing command and cancelling effect of the command.

If you remove the command from configuration (using no * form), it's effect is cancelled.

If you wish to cancel an effect, remove (using no * form) the command that causes it.

Assuming you configured "two MAC limit" by command "switchport port-security maximum 2", the "no switchport port-security maximum 2" cancels the configuration you did previously. We can also say It disables the limit you configured previously.

"clear port-security" can be used to remove MAC addresses learned on secured port, not to disable port security you configured nor to remove limit you configured.

all the All configuration and other options appear

Commands doesn't appear or disappear. You can type any command any time you wish. Are you sure you are speaking about a Cisco switch ? You still didn't mentioned the model ...

View solution in original post

Dan Lukes · ‎05-04-2020

Off-topic here (Additional Communities).

You mentioned no switch model you are speaking of.

Read Configuring Port Security

Generally, most commands have "no *" form that revers effect of the command. E.g. if you used "switchport port-security" to enable port security, use "no switchport port-security" to disable it.

PietroPoliseno27977 · ‎05-04-2020

No I wanted to know how to cancel the configuration do not disable. Disabling it does not cancel the configuration of the two macs set in port-security I did the test. In the meantime, however, I did some tests and found the answers 1) from enable mode, use the clear port-security command and all the All configuration and other options appear. This interested me to know. 2) setting the maximum overwrites any previous policy on restrictions, for example 2 mac. So if I set maximum 8 and previously there was a restriction on only 2 macs with maximum 8 it makes me filter frames up to 8 macs overwriting the previous configuration.

Dan Lukes · ‎05-04-2020

There's no difference between removing command and cancelling effect of the command.

If you remove the command from configuration (using no * form), it's effect is cancelled.

If you wish to cancel an effect, remove (using no * form) the command that causes it.

Assuming you configured "two MAC limit" by command "switchport port-security maximum 2", the "no switchport port-security maximum 2" cancels the configuration you did previously. We can also say It disables the limit you configured previously.

"clear port-security" can be used to remove MAC addresses learned on secured port, not to disable port security you configured nor to remove limit you configured.

all the All configuration and other options appear

Commands doesn't appear or disappear. You can type any command any time you wish. Are you sure you are speaking about a Cisco switch ? You still didn't mentioned the model ...