Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
452
Views
0
Helpful
3
Replies

Port security: Migrating from a Cisco WS-C3548-XL to a Cisco WS-C3850-48P

Go to solution
Supercell292929
Level 1
Level 1

‎01-25-2017 01:46 PM - edited ‎03-05-2019 07:54 AM

Hello,

  Yeah, huge leap in switches! Looong overdue! This previous public switch had the following on all its ports. These commands do not transfer to the 3850. Any idea how to get this kind of security put into play on the 3850's?

Thank you in advance.

port security
port security max-mac-count 5
port security action shutdown
port security aging time 2
port storm-control broadcast action filter
port storm-control broadcast trap
port storm-control broadcast threshold rising 250 falling 150
port storm-control multicast action filter
port storm-control multicast trap
port storm-control multicast threshold rising 250 falling 150
port storm-control unicast action filter
port storm-control unicast trap
port storm-control unicast threshold rising 3000 falling 1000

###### WHEN MIGRATED TO NEW SWITCH:

xxxxx(config-if-range)# port security
^
% Invalid input detected at '^' marker.

xxxxx(config-if-range)# port security max-mac-count 5
^
% Invalid input detected at '^' marker.

xxxxx(config-if-range)# port security action shutdown
^
% Invalid input detected at '^' marker.

xxxxx(config-if-range)# port security aging time 2
^
% Invalid input detected at '^' marker.

xxxxx(config-if-range)# port storm-control broadcast action filter
^
% Invalid input detected at '^' marker.

xxxxxconfig-if-range)# port storm-control broadcast trap
^
% Invalid input detected at '^' marker.

xxxxx(config-if-range)# port storm-control broadcast threshold rising 250 falling 150
^
% Invalid input detected at '^' marker.

xxxxx(config-if-range)# port storm-control multicast action filter
^
% Invalid input detected at '^' marker.

xxxxx(config-if-range)# port storm-control multicast trap
^
% Invalid input detected at '^' marker.

xxxxx(config-if-range)# port storm-control multicast threshold rising 250 falling 150
^
% Invalid input detected at '^' marker.

xxxxx(config-if-range)# port storm-control unicast action filter
^
% Invalid input detected at '^' marker.

xxxxx(config-if-range)# port storm-control unicast trap
^
% Invalid input detected at '^' marker.

xxxxx(config-if-range)# port storm-control unicast threshold rising 3000 falling 1000
^
% Invalid input detected at '^' marker.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Francesco Molino
VIP Alumni
VIP Alumni

‎01-25-2017 05:11 PM

Hi

here a translation:

port security --> switchport port-security
port security max-mac-count 5 --> switchport port-security maximum 5
port security action shutdown --> switchport port-security violation shutdown
port security aging time 2 --> switchport port-security aging time 2
port storm-control broadcast action filter --> switchport port-security
port storm-control broadcast trap --> storm-control action trap
port storm-control broadcast threshold rising 250 falling 150 --> storm-control broadcast level pps 250 150 (Now you can set storm in pps, bps and on your old switch it was pps per default basis if I remember good)  
port storm-control multicast action filter
port storm-control multicast trap --> already enabled with "storm-control action trap"
port storm-control multicast threshold rising 250 falling 150 --> storm-control multicast level pps 250 150
port storm-control unicast action filter
port storm-control unicast trap --> already enabled with "storm-control action trap"
port storm-control unicast threshold rising 3000 falling 1000 --> storm-control unicast level pps 3000 1000

Thanks

PS: Please don't forget to rate and mark as correct answer if this answered your question


Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Francesco Molino
VIP Alumni
VIP Alumni

‎01-25-2017 05:11 PM

Hi

here a translation:

port security --> switchport port-security
port security max-mac-count 5 --> switchport port-security maximum 5
port security action shutdown --> switchport port-security violation shutdown
port security aging time 2 --> switchport port-security aging time 2
port storm-control broadcast action filter --> switchport port-security
port storm-control broadcast trap --> storm-control action trap
port storm-control broadcast threshold rising 250 falling 150 --> storm-control broadcast level pps 250 150 (Now you can set storm in pps, bps and on your old switch it was pps per default basis if I remember good)  
port storm-control multicast action filter
port storm-control multicast trap --> already enabled with "storm-control action trap"
port storm-control multicast threshold rising 250 falling 150 --> storm-control multicast level pps 250 150
port storm-control unicast action filter
port storm-control unicast trap --> already enabled with "storm-control action trap"
port storm-control unicast threshold rising 3000 falling 1000 --> storm-control unicast level pps 3000 1000

Thanks

PS: Please don't forget to rate and mark as correct answer if this answered your question


Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
0 Helpful

Go to solution
Supercell292929
Level 1
Level 1
In response to Francesco Molino

‎02-01-2017 08:15 AM

xxxxxx(config-if)#switchport port-security
Command rejected: GigabitEthernet2/0/1 is a dynamic port.

0 Helpful

Go to solution
Supercell292929
Level 1
Level 1
In response to Francesco Molino

‎02-01-2017 08:18 AM

Ah, got it.

Needed to add the following: switchport mode access

Thank you!

0 Helpful
Customers Also Viewed These Support Documents