1-4
Security mode Description Feature
macAddressElseUs
erLoginSecureExt
This mode is similar to the
macAddressElseUserLoginSecure mode,
except that there can be more than one
802.1x-authenticated user on the port.
macAddressAndUs
erLoginSecure
In this mode, a port firstly performs MAC
authentication for a user and then performs
802.1x authentication for the user if the user
passes MAC authentication. The user can
access the network after passing the two
authentications.
In this mode, up to one user can access the
network.
macAddressAndUs
erLoginSecureExt
This mode is similar to the
macAddressAndUserLoginSecure mode,
except that more than one user can access
the network.
z When the port operates in the userlogin-withoui mode, Intrusion Protection will not be triggered
even if the OUI address does not match.
z In the macAddressElseUserLoginSecure or macAddressElseUserLoginSecureExt security mode,
the MAC address of a user failing MAC authentication is set as a quiet MAC address. If the user
initiates 802.1x authentication during the quiet period, the switch does not authenticate the user.
z A port with port security configured permits all ordinary Layer 2 packets to be forwarded whose
source MAC addresses are dynamic ones configured on the port.
Port Security Configuration Task List
Complete the following tasks to configure port security:
Task Remarks
Enabling Port Security Required
Setting the Maximum Number of MAC Addresses Allowed on a Port Optional
Setting the Port Security Mode Required
Configuring the NTK feature
Configuring intrusion protection
Configuring Port Security
Features
Configuring the Trap feature
Optional
Choose one or more features
as required.
Configuring Guest VLAN for a Port in
macAddressOrUserLoginSecure mode
Optional
Ignoring the Authorization Information from the RADIUS Server Optional
Configuring Security MAC Addresses Optional
To Next Page
Loading...