Displaying Port Security Configuration 129
Before continuing, make sure that:
■ Port security is enabled.
■ The maximum number of security MAC addresses allowed on the port is set.
■ The security mode of the port is set to autolearn.
Displaying Port
Security Configuration
After the above configuration, you can use the display command in any view to
display port security information and verify your configuration.
Port Security
Configuration
Example
Port Security
Configuration Example
Network requirements
Implement access user restrictions through the following configuration on
Ethernet1/0/1 of the switch.
■ Allow a maximum of 80 users to access the port without authentication and
permit the port to learn and add the MAC addresses of the users as security
MAC addresses.
■ To ensure that Host can access the network, add the MAC address
0001-0002-0003 of Host as a security MAC address to the port in VLAN 1.
■ After the number of security MAC addresses reaches 80, the port stops
learning MAC addresses. If any frame with an unknown MAC address arrives,
intrusion protection is triggered and the port will be disabled and stay silent for
30 seconds.
Tab le 86 Configure a security MAC address
Operation Command Remarks
Enter system view system-view -
Add a security
MAC address
In system
view
mac-address security
mac-address interface
interface-type
interface-number vlan vlan-id
Either is required.
By default, no security MAC
address is configured.
In Ethernet
port view
interface interface-type
interface-number
mac-address security
mac-address vlan vlan-id
Tab le 87 Display port security configuration
Operation Command Remarks
Display information about
port security configuration
display port-security [
interface interface-list ]
You can execute the display
command in any view.
Display information about
security MAC address
configuration
display mac-address
security [ interface
interface-type
interface-number ] [ vlan
vlan-id ] [ count ]
To Next Page
Loading...
