[an error occurred while processing this directive] [an error occurred while processing this directive]

secure-access-port

Syntax

secure-access-port {
dhcp-snooping-file {
location local_pathname | remote_URL;
timeout seconds;
write-interval seconds;
}
interface (all | interface-name) {
allowed-mac {
mac-address-list;
}
(dhcp-trusted | no-dhcp-trusted);
mac-limit limit action action;
no-allowed-mac-log;
static-ip ip-address {
vlan vlan-name;
mac mac-address;
}
}
vlan (all | vlan-name) {
(arp-inspection | no-arp-inspection);
dhcp-option82 {
circuit-id {
prefix hostname;
use-interface-description;
use-vlan-id;
}
remote-id {
prefix hostname | mac | none;
use-interface-description;
use-string string;
}
vendor-id <string>;
}
(examine-dhcp | no-examine-dhcp);
(ip-source-guard | no-ip-source-guard);
mac-move-limit limit action action;
}
}

Hierarchy Level

[edit ethernet-switching-options]

Release Information

Statement introduced in JUNOS Release 9.0 for EX Series switches.

Options static-ip and ip-source-guard introduced in JUNOS Release 9.2 for EX Series switches.

Options dhcp-option82 and no-allowed-mac-log introduced in JUNOS Release 9.3 for EX Series switches.

Option dhcp-snooping-file introduced in JUNOS Release 9.4 for EX Series switches.

Description

Configure port security features, including MAC limiting and whether interfaces can receive DHCP responses, and apply dynamic ARP inspection, DHCP snooping, IP source guard, DHCP option 82, and MAC move limiting to no VLANs, specific VLANs, or all VLANs.

The remaining statements are explained separately.

Required Privilege Level

routing—To view this statement in the configuration.
routing-control—To add this statement to the configuration.

Published: 2009-07-23

[an error occurred while processing this directive]