Activating Port Security
S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m
Command
Step 2
switch(config)# port-security activate vsan 1
switch(config)# port-security activate vsan 1
no-auto-learn
switch(config)# no port-security activate vsan 1
Note
: If required, you can disable auto-learning (see the
Database Activation Rejection
Database activation is rejected in the following cases:
•
•
•
•
If the database activation is rejected due to one or more conflicts listed in the previous section, you may
decide to proceed by forcing the port security activation.
Forcing Port Security Activation
If the port security activation request is rejected, you can force the activation.
An activation using the force option can log out existing devices if they violate the active database.
Note
You can view missing or conflicting entries using the port-security database diff active vsan command
in EXEC mode.
To forcefully activate the port security database, follow these steps:
Command
Step 1
switch# config t
switch(config)#
Step 2
switch(config)# port-security activate vsan 1 force
Cisco MDS 9000 Family CLI Configuration Guide
39-6
Missing or conflicting entries exist in the configuration database but not in the active database.
The auto-learning feature was enabled before the activation. To reactivate a database in this state,
disable auto-learning.
The exact security is not configured for each PortChannel member.
The configured database is empty but the active database is not.
Chapter 39
Purpose
Activates the port security database for the
specified VSAN, and automatically enables
auto-learning.
Activates the port security database for the
specified VSAN, and disables auto-learning.
Deactivates the port security database for the
specified VSAN, and automatically disables
auto-learning.
"Disabling Auto-learning" section on page
Purpose
Enters configuration mode.
Forces the VSAN 1 port security
database to activate despite conflicts.
OL-18084-01, Cisco MDS NX-OS Release 4.x
Configuring Port Security
39-8).