EasyManuals Logo

H3C S3100 Series Command Manual

H3C S3100 Series
1244 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #201 background imageLoading...
Page #201 background image
1-8
Examples
# Enable port security.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] port-security enable
Notice: The port-control of 802.1x will be restricted to auto when port-security is enabled.
Please wait... Done.
port-security guest-vlan
Syntax
port-security guest-vlan vlan-id
undo port-security guest-vlan
View
Ethernet port view
Parameters
vlan-id: Specifies a guest VLAN by its VLAN ID in the range of 1 to 4094. The VLAN must already exist.
Description
Use the port-security guest-vlan command to specify an existing VLAN as the guest VLAN of a port.
Use the undo port-security guest-vlan command to remove the guest VLAN configuration.
By default, no guest VLAN is specified for a port.
Note that:
z Only an existing VLAN can be specified as a guest VLAN. Make sure the guest VLAN of the port
contain the resources that the users need.
z If one user of the port has passed or is undergoing authentication, you cannot specify a guest
VLAN for it.
z When a user using a port with a guest VLAN specified fail the authentication, the port is added to
the guest VLAN.
z Multiple users may connect to one port in the macAddressOrUserLoginSecure mode for
authentication; however, after a guest VLAN is specified, a maximum of one user can pass the
security authentication. In this case, the authentication client software of the other 802.1x users
displays messages about the failure; MAC address authentication does not have any client
software and therefore no such messages will be displayed.
z To change the security mode from macAddressOrUserLoginSecure mode of a port that is
assigned to a guest VLAN, execute the undo port-security guest-vlan command first to remove
the guest VLAN configuration.
z For a port configured with both the port-security guest-vlan and port-security intrusion-mode
disableport commands, when authentication of a user fails, only the intrusion detection feature is
triggered. The port is not added to the specified guest VLAN.
z It is not recommended to configure the port-security guest-vlan and port-security
intrusion-mode blockmac commands simultaneously for a port. Because when the

Table of Contents

Other manuals for H3C S3100 Series

Preview: Operation Manual
Operation Manual1057 pages
Preview: Installation Manual
Installation Manual94 pages
Preview: Operation Manual Product Overview
Operation Manual Product Overview11 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the H3C S3100 Series and is the answer not in the manual?

H3C S3100 Series Specifications

General IconGeneral
BrandH3C
ModelS3100 Series
CategorySwitch
LanguageEnglish

Related product manuals