Port Security: Verifying

Verify Port Security

After configuring port security on a switch, check each interface to verify that the port security is set correctly, and check to ensure that the static MAC addresses have been configured correctly.

Verify Port Security Settings

To display port security settings for the switch or for the specified interface, use the show port-security [interface interface-id] command. The output for the dynamic port security configuration is shown in Figure 1. By default, there is one MAC address allowed on this port.

The output shown in Figure 2 shows the values for the sticky port security settings. The maximum number of addresses is set to 10, as configured.

Note: The MAC address is identified as a sticky MAC.

Sticky MAC addresses are added to the MAC address table and to the running configuration. As shown in Figure 3, the sticky MAC for PC2 has been added to the running configuration for S1.

Verify Secure MAC Addresses

To display all secure MAC addresses configured on all switch interfaces, or on a specified interface with aging information for each, use the show port-security address command. As shown in Figure 4, the secure MAC addresses are listed along with the types.