Operation Manual – Port Security & Port Binding
Quidway S5600 Series Ethernet Switches-Release 1510 Chapter 1 Port Security Configuration
Huawei Technologies Proprietary
1-3
Security
mode
Description Feature
userlogin
-secure
The port is enabled only after the access user
passes the 802.1x authentication. Even after the
port is enabled, only the packets of the
successfully authenticated user can pass through
the port.
In this mode, only one 802.1x-authenticated user
is allowed to access the port.
When the port changes from the normal mode to
this security mode, the system automatically
removes the existing dynamic MAC address
entries and authenticated MAC address entries on
the port.
userlogin
-withoui
This mode is similar to the userlogin-secure
mode, except that there can be one OUI-carrying
MAC address being successfully authenticated in
addition to the single 802.1x-authenticated user
who is allowed to access the port.
When the port changes from the normal mode to
this security mode, the system automatically
removes the already existing
dynamic/authenticated MAC address entries on
the port.
mac-auth
entication
In this mode, MAC address–based authentication
is performed for access users.
userlogin
-secure-o
r-mac
In this mode, the two kinds of authentication in
mac-authentication and userlogin-secure
modes can be performed simultaneously. If both
kinds of authentication succeed, the
userlogin-secure mode takes precedence over
the mac-authentication mode.
mac-else-
userlogin
-secure
In this mode, first the MAC-based authentication is
performed. If this authentication succeeds, the
mac-authentication mode is adopted, or else, the
authentication in userlogin-secure mode is
performed.
userlogin
-secure-e
xt
This mode is similar to the userlogin-secure
mode, except that there can be more than one
802.1x-authenticated user on the port.
userlogin
-secure-o
r-mac-ext
This mode is similar to the
userlogin-secure-or-mac mode, except that
there can be more than one 802.1x-authenticated
user on the port.
mac-else-
userlogin
-secure-e
xt
This mode is similar to the
mac-else-userlogin-secure mode, except that
there can be more than one 802.1x-authenticated
user on the port.
In these modes,
the device
enables the NTK
and Intrusion
Protection
features upon
detecting an
illegal packet.
To Next Page
Loading...
