Allied Telesis AT-S63 User Manual

Page 616

background image

Chapter 33: MAC Address-based Port Security Commands

616

Section VIII: Port Security

intrusionaction

Specifies the action taken by the port in the event port
security is violated. This parameter applies only to the
Limited security mode. Intrusion actions are:

discard

Discards invalid frames. This is the

default setting.

trap

Discards invalid frames and sends a

management trap.

disable

Discards invalid frames, sends a

management trap, and disables the port.

The intrusion action of a port operating in the Secured
or Locked security level is to discard invalid frames.

learn

Specifies the maximum number of dynamic MAC
addresses a port on the switch can learn. This
parameter applies only to ports set to the Limited
security mode. The range is 1 to 255 addresses. The
default is 255.

participate

Enables or disables the intrusion action on the port.
This option only applies to the Limited security mode
and only when a port’s intrusion action is set to trap or
disable. This option does not apply when intrusion
action is set to discard. The options are:

yes, on, true

Enables the trap or disable intrusion

action. These options are equivalent.

no, off, false

Disables the trap or disable intrusion

action. The port still discards invalid
ingress frames. This is the default.
These options are equivalent.

Description

This command sets and configures a port’s security mode. Only one mode
can be active on a port at a time.

Note

For explanations of the security levels and intrusion actions, refer to
Chapter 30, “MAC Address Port Security” in the AT-S63
Management Software Menus Interface User’s Guide
.

To view a port’s current security mode, use the command “SHOW
SWITCH PORT SECURITYMODE” on page 619.