30 January, 2014

L2 and macro

#Create macro 
Switch(config)#macro name L2_SEC
Enter macro commands one per line. End with the character '@'.
speed 100
 duplex full
 switchport mode access
 switchport nonegotiate
 switchport port-security
 switchport port-security maximum 1
 switchport port-security mac-address sticky
 switchport port-security violation shutdown
 no cdp enable
 spanning-tree portfast
 spanning-tree bpduguard enable
 ip dhcp snooping limit rate 5
@

 Switch(config)#do show run | beg L2
macro name L2_SEC
speed 100
 duplex full
 switchport mode access
 switchport nonegotiate
 switchport port-security
 switchport port-security maximum 1
 switchport port-security mac-address sticky
 switchport port-security violation shutdown
 no cdp enable
 spanning-tree portfast
 spanning-tree bpduguard enable
 ip dhcp snooping limit rate 5

 Switch(config)#interface range fa 0/5-6 
or
Switch(config)#define interface-range ACCESS fastEthernet 0/5-6
Switch(config)#interface range macro ACCESS

 #Apply macro to interfaces
Switch(config-if-range)#macro apply L2_SEC

 %Warning: portfast should only be enabled on ports connected to a single
 host. Connecting hubs, concentrators, switches, bridges, etc... to this
 interface  when portfast is enabled, can cause temporary bridging loops.
 Use with CAUTION

 %Portfast will be configured in 2 interfaces due to the range command
 but will only have effect when the interfaces are in a non-trunking mode.

 #Verify
Switch(config-if-range)#do show run interface fas 0/5
Building configuration...
interface FastEthernet0/5
 switchport mode access
 switchport nonegotiate
 switchport port-security
 switchport port-security mac-address sticky
 speed 100
 duplex full
 macro description L2_SEC
 no cdp enable
 spanning-tree portfast
 spanning-tree bpduguard enable
 ip dhcp snooping limit rate 5
end

 Switch(config-if-range)#do show run interface fas 0/6
Building configuration...
interface FastEthernet0/6
 switchport mode access
 switchport nonegotiate
 switchport port-security
 switchport port-security mac-address sticky
 speed 100
 duplex full
 macro description L2_SEC
 no cdp enable
 spanning-tree portfast
 spanning-tree bpduguard enable
 ip dhcp snooping limit rate 5
end

At
Tags:: , ,