Last Updated on August 1, 2021 by Admin 2
What is accomplished by the command switchport port-security violation restrict?
- The switch will generate a log message but will not block any packets.
- The switch will drop packets that are in violation and generate a log message.
- The switch will drop packets that are in violation, but not generate a log message.
- The switch will shut down the interface when packets in violation are detected.
The command switchport port-security violation restrict drops packets that are in violation and generates a log message. The complete syntax of the command is:
switch(config-if)# switchport port-security violation restrict
The port security command is used to lock a port down to specific MAC addresses. The three keywords that can be used with this command are protect, restrict, and shutdown. The protect keyword tells the port to drop packets without generating a log message for packets that are in violation. The restrict keyword tells the port to drop packets and generates a log message for packets that are in violation. The shutdown keyword causes the port to be disabled if a violation is detected.
There is no option to generate a log message but not block any packets.
Objective:
Infrastructure Security
Sub-Objective:
Configure and verify switch security features