Port Security Configuration 125
Enabling Port Security Before enabling port security, you need to disable 802.1x and MAC authentication
globally.
c
CAUTION: Enabling port security resets the following configurations on the ports
to the defaults (shown in parentheses below):
■ 802.1x (disabled), port access control method (macbased), and port access
control mode (auto)
■ MAC authentication (disabled)
In addition, you cannot perform the above-mentioned configurations manually
because these configurations change with the port security mode automatically.
n
■ For details about 802.1x configuration, refer to “802.1x Configuration” on
page 211 and “System-Guard Configuration” on page 235.
■ For details about MAC Authentication configuration, refer to “MAC
Authentication Configuration” on page 269.
Setting the Maximum
Number of MAC
Addresses Allowed on a
Port
Port security allows more than one user to be authenticated on a port. The
number of authenticated users allowed, however, cannot exceed the configured
upper limit.
By setting the maximum number of MAC addresses allowed on a port, you can
■ Control the maximum number of users who are allowed to access the network
through the port
■ Control the number of Security MAC addresses that can be added with port
security
This configuration is different from that of the maximum number of MAC
addresses that can be leaned by a port in MAC address management.
“Configuring Security MAC Addresses” Optional
Table 78 Port security configuration tasks
Task Remarks
Tab le 79 Enable port security
Operation Command Remarks
Enter system view system-view -
Enable port security port-security enable Required
Disabled by default
Tab le 80 Set the maximum number of MAC addresses allowed on a port
Operation Command Remarks
Enter system view system-view -
Enter Ethernet port view interface interface-type
interface-number
-
To Next Page
Loading...
