Cisco ‘show port security’ commands and outputs
The show port security command is a useful command to check the configured port security on the Cisco switch.
We can use this command to see the port security-related data and how our device is performing.
In case of any security breach, we can use this command to check the logs and configure the switch port to be more secure.
There are following port security commands that we can use
We can see the show port-security command output below
In the output, we can see on which ports of the switch, port security has been enabled. On the switch, we have only enabled port security on one switch so we can see only one switch is showing up, if we have more ports enabled then those ports will also show up in the output of this command.
We can see the maximum number of Mac addresses allowed to connect to this port.
It also shows the current Mac address of the device that is connected to the switch port
Security violation count shows the number of violations that occurred on this port, 0 means that there is no violation yet.
Security action shows the outcome of the violation so if a security violation happens then the port will be shut down because we have configured this port to be shut down in case of any security breach.
Show port security address
Show port security address command shows the number of Mac addresses connected to the switch port, it also shows the VLAN of the port and type is how the switch port learned the Mac address.
We can see the following types
Secured dynamic – This means that the switch port learns this Mac address dynamically.
Secured Configured – This means that we have manually entered the Mac address that can be connected to the port
Secured sticky – It means that the switch will only allow one Mac address that is connected to the switch port the first time.
Show port security interface FastEthernet 0/1
This show command shows the switch port security configuration of the particular port so we can check the configuration of any port by using this command.
We can see lots of information about the port using this command.
The below screenshot shows the output
System administrators can use these commands to troubleshoot the security issues on the Cisco switches.
