Operation Manual – Port Security-Port Binding
H3C S3100 Series Ethernet Switches Chapter 1 Port Security Configuration
1-9
II. Configuring intrusion protection
Follow these steps to configure the intrusion protection feature:
To do... Use the command... Remarks
Enter system view
system-view
—
Enter Ethernet port view
interface interface-type
interface-number
—
Set the corresponding
action to be taken by the
switch when intrusion
protection is triggered
port-security
intrusion-mode { blockmac |
disableport |
disableport-temporarily }
Required
By default, intrusion
protection is
disabled.
Return to system view
quit
—
Set the timer during which
the port remains disabled
port-security timer
disableport timer
Optional
20 seconds by
default
 Note:
The port-security timer disableport command is used in conjunction with the
port-security intrusion-mode disableport-temporarily command to set the length of
time during which the port remains disabled.
Caution:
If you configure the NTK feature and execute the port-security intrusion-mode
blockmac command on the same port, the switch will be unable to disable the packets
whose destination MAC address is illegal from being sent out that port; that is, the NTK
feature configured will not take effect on the packets whose destination MAC address is
illegal.
To Next Page
Loading...
Need help?
General