1-5
Task Remarks
Ignoring the Authorization Information from the RADIUS Server Optional
Configuring Security MAC Addresses Optional
Enabling Port Security
Configuration Prerequisites
Before enabling port security, you need to disable 802.1x and MAC authentication globally.
Enabling Port Security
Follow these steps to enable port security:
To do... Use the command... Remarks
Enter system view
system-view
—
Enable port security
port-security enable
Required
Disabled by default
Enabling port security resets the following configurations on the ports to the defaults (shown in
parentheses below):
z 802.1x (disabled), port access control method (macbased), and port access control mode (auto)
z MAC authentication (disabled)
In addition, you cannot perform the above-mentioned configurations manually because these
configurations change with the port security mode automatically.
z For details about 802.1x configuration, refer to the sections covering 802.1x and System-Guard.
z For details about MAC authentication configuration, refer to the sections covering MAC
authentication configuration.
Setting the Maximum Number of MAC Addresses Allowed on a Port
Port security allows more than one user to be authenticated on a port. The number of authenticated
users allowed, however, cannot exceed the configured upper limit.
By setting the maximum number of MAC addresses allowed on a port, you can
z Control the maximum number of users who are allowed to access the network through the port
z Control the number of Security MAC addresses that can be added with port security
To Next Page
Loading...
