beautypg.com

2 network access (mac address authentication) – Planet Technology SGSD-1022 User Manual

Page 472

background image

User’s Manual of SGSD-1022 / SGSD-1022P

SGSW-2840 / SGSW-2840P

472

Interface Configuration (Ethernet)

Command Usage

If you enable port security, the switch stops learning new MAC addresses on the specified port when it has reached a

configured maximum number. Only incoming traffic with source addresses already stored in the dynamic or static address

table will be accepted.

Use the port security command to enable security on a port. Then use the port security action command to set the

response to a port security violation, and the port security max-mac-count command to set the maximum number of

addresses allowed on a port.

You can also manually add secure addresses with the mac-address-table static command.

A secure port has the following restrictions:

-Cannot be connected to a network interconnection device.

-Cannot be a trunk port.

If a port is disabled due to a security violation, it must be manually re-enabled using the no shutdown command.

Example

The following

Example

enables port security for port 5, and sets the response to a security violation to issue a trap

message:

Console(config)#interface ethernet 1/5

Console(config-if)#port security

Console(config-if)#port security action trap

Console(config-if)#

Related Commands

shutdown

mac-address-table static

show mac-address-table

5.13.2 Network Access (MAC Address Authentication)

Network Access authentication controls access to the network by authenticating the MAC address of each host that attempts to

connect to a switch port. Traffic received from a specific MAC address is forwarded by the switch only if the source MAC

address is successfully authenticated by a central RADIUS server. While authentication for a MAC address is in progress, all

traffic is blocked until authentication is completed. Once successfully authenticated, the RADIUS server may optionally assign

VLAN settings for the switch port.

Command

Function

Mode

network-access mode

Enables MAC authentication on an interface

IC

See also other documents in the category Planet Technology Computer Accessories: