Configuring Port Security

This section contains payload examples and CLIs to demonstrate how to use the NX-API REST API to configure port security on Cisco Nexus 3000 and 9000 Series switches and to show how the REST APIs correspond to the CLI commands. For more information about security features, see the Cisco Nexus 9000 Series NX-OS Security Configuration Guide, Release 7.x.

https://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-installation-and-configuration-guides-list.html/

Enabling Port Security

Enabling Port Security

POST http://<mgmt0_IP>/api/mo/sys/fm.json

{
  "fmEntity": {
    "children": [
      {
        "fmPortSec": {
          "attributes": {
            "adminSt": "enabled"
}}}]}}

{
  "imdata": [
    {
      "warning": {
        "attributes": {
          "text": "Please apply the same port-security config on the peer device also, if VPC is configured\n"
        }
      }
    }
  ]
}

<System>
  <fm-items>
    <portsec-items>
      <adminSt>enabled</adminSt>
    </portsec-items>
  </fm-items>
</System>

Note: This example was added in Release 7.0(3)I7(3).


CLI Commands

The CLI commands are equivalent to the payload examples displayed in the pane on the right. Click the DME tab in the top-left corner of the right pane to view the JSON payload. Click the YANG tab to view the XML payload.

feature port-security

For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference: http://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-command-reference-list.html

See the NX-API DME Model Reference for detailed information about classes and attributes described in the payload: https://developer.cisco.com/media/dme/index.html

For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide https://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-programming-reference-guides-list.html

Disabling Port Security

Disabling Port Security

POST http://<mgmt0_IP>/api/mo/sys/fm.json

{
  "fmEntity": {
    "children": [
      {
        "fmPortSec": {
          "attributes": {
            "adminSt": "disabled"
}}}]}}

{
    "imdata": []
}

<System>
  <fm-items>
    <portsec-items>
      <adminSt>disabled</adminSt>
    </portsec-items>
  </fm-items>
</System>

Note: This example was added in Release 7.0(3)I7(3).


CLI Commands

The CLI commands are equivalent to the payload examples displayed in the pane on the right. Click the DME tab in the top-left corner of the right pane to view the JSON payload. Click the YANG tab to view the XML payload.

no feature port-security

For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference: http://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-command-reference-list.html

See the NX-API DME Model Reference for detailed information about classes and attributes described in the payload: https://developer.cisco.com/media/dme/index.html