122 CHAPTER 12: PORT SECURITY CONFIGURATION
Tabl e 77 Description of port security modes
Security mode Description Feature
noRestriction In this mode, access to the port is
not restricted.
In this mode, neither the NTK
nor the intrusion protection
feature is triggered.
autolearn In this mode, the port
automatically learns MAC
addresses and changes them to
security MAC addresses.
This security mode will
automatically change to the
secure mode after the amount of
security MAC addresses on the
port reaches the maximum
number configured with the
port-security max-mac-count
command.
After the port security mode is
changed to the secure mode,
only those packets whose source
MAC addresses are security MAC
addresses learned can pass
through the port.
In either mode, the device will
trigger NTK and intrusion
protection upon detecting an
illegal packet.
secure In this mode, the port is disabled
from learning MAC addresses.
Only those packets whose source
MAC addresses are security MAC
addresses learned and static MAC
addresses can pass through the
port.
userlogin In this mode, port-based 802.1x
authentication is performed for
access users.
In this mode, neither NTK nor
intrusion protection will be
triggered.
To Next Page
Loading...
