Figure 7-9 Networking diagram of interface security configuration
Switch
SwitchA
Internet
PC1 PC2 PC3
VLAN 10
GE1/0/1
Configuration Roadmap
The configuration roadmap is as follows:
1. Create a VLAN and set the link type of the interface to trunk.
2. Enable the interface security function.
3. Enable the sticky MAC function on the interface.
4. Configure the security protection action on the interface.
5. Set the maximum number of MAC addresses that can be learned by the interface.
Data Preparation
To complete the configuration, you need the following data:
l VLAN allowed by the interface
l Type and number of the interface connected to computers of employees
l Security protection action
l Maximum number of MAC addresses learned by the interface
Procedure
Step 1 Create a VLAN and set the link type of the interface to trunk.
<Quidway> system-view
[Quidway] vlan 10
[Quidway-vlan10] quit
[Quidway] interface gigabitethernet 1/0/1
[Quidway-GigabitEthernet1/0/1] port link-type trunk
[Quidway-GigabitEthernet1/0/1] port trunk allow-pass vlan 10
Quidway S7700 Smart Routing Switch
Configuration Guide - Ethernet 7 MAC Address Table Configuration
Issue 01 (2011-07-15) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
376
To Next Page
Loading...
