Configuring Protected Port

This task configures the protected port feature on a single and multiple interfaces in interface or multiple interface (MIF) mode.

Use the no form of the protected-port command to disable the feature.

  1. Enter global configuration mode.
    device# configure terminal
  2. To configure this feature on a single interface, specify an interface. and enter the protected-port command.
    device(config)# interface ethernet 1/1/1
  3. Enter the protected-port command.
    device(config-if-e1000-1/1/1)# protected-port 
  4. Enter the show interface ethernet command to confirm the interface configuration.
    device# show interface ethernet 1/1/1
    GigabitEthernet1/1/1 is down, line protocol is down 
      Port down for 3 minute(s) 59 second(s) 
      Hardware is GigabitEthernet, address is 748e.f882.f480 (bia 748e.f882.f480)
      Configured speed auto, actual unknown, configured duplex fdx, actual unknown
      Configured mdi mode AUTO, actual unknown
      Member of L2 VLAN ID 1, port is untagged, port state is BLOCKING
     <---output omitted--->
      0 packets output, 0 bytes, 0 underruns                          
      Transmitted 0 broadcasts, 0 multicasts, 0 unicasts
      0 output errors, 0 collisions
      Relay Agent Information option: Disabled
      Protected: Yes	
  5. Use the show protected-ports command to confirm the system-wide configuration.
    device# show protected-ports 
      System-Wide Protected Ports: ethe 1/1/1 ethe 2/1/1 ethe 3/1/1 lag lg1

The following example enables this feature for multiple interfaces in MIF mode (recommended).

device(config)# interface ethernet 2/1/1 ethernet 3/1/1
device(config-if-e1000-2/1/1,3/1/1)# protected-port

The following example uses a range of interfaces before enabling this feature for multiple interfaces.

device(config)# interface ethernet 2/1/1 to ethernet 2/1/48
device(config-if-e1000-2/1/1:2/1/48)# protected-port

The following example enables this feature on LAG virtual interface.

device(config)# interface lag 1
device(config-lag-if-lg1)# protected-port