Navigation
Supported Platforms
secure-access-port
Syntax
secure-access-port {deactivate;dhcp-snooping-file {location (local_pathname | remote_URL);timeout seconds;write-interval seconds;}interface (all | interface-name) {allowed-mac mac-address-list;(dhcp-trusted | no-dhcp-trusted);fcoe-trusted;mac-limit limit {<action action>;}no-allowed-mac-log;persistent-learning;static-ip ip-address {vlan vlan-name;mac mac-address; }}vlan (all | vlan-name) {(arp-inspection | no-arp-inspection) [forwarding-class (for DHCP Snooping or DAI Packets) class-name;}dhcp-option82 {circuit-id {prefix (Circuit ID for Option 82) hostname;use-interface-description;use-vlan-id;} remote-id {prefix (Remote ID for Option 82) hostname | mac | none;use-interface-description;use-string string;}vendor-id <string>;}(examine-dhcp | no-examine-dhcp) {forwarding-class (for DHCP Snooping or DAI Packets) class-name;}examine-fip {examine-vn2vn {beacon-period milliseconds;}fc-map fc-map-value;}mac-move-limit limit action action;}
Hierarchy Level
[edit ethernet-switching-options]
Release Information
Statement introduced in Junos OS Release 11.1 for the QFX Series.
Description
Configure port security features, including MAC limiting and whether interfaces can receive DHCP responses, and apply dynamic ARP inspection, DHCP snooping, DHCP option 82, and MAC move limiting on no VLANs, specific VLANs, or all VLANs.
The remaining statements are explained separately.
Required Privilege Level
routing—To view this statement in the
configuration.
routing-control—To add this statement
to the configuration.
