Setting the 802.1x authentication timeout timers, Setting the port security mode – H3C Technologies H3C S12500-X Series Switches User Manual
Page 106
94
67B
Setting the port security mode
Before you set a port security mode for a port, complete the following tasks:
•
Disable 802.1X and MAC authentication.
•
Verify that the port does not belong to any aggregation group or service loopback group.
•
If you are configuring the autoLearn mode, set port security's limit on the number of secure MAC
addresses. You cannot change the setting when the port is operating in autoLearn mode.
Follow these guidelines when you set the port security mode:
•
You can specify a port security mode when port security is disabled, but your configuration cannot
take effect.
•
Changing the port security mode of a port logs off the online users of the port.
•
Do not enable 802.1X authentication or MAC authentication on a port where port security is
configured.
To enable a port security mode:
Step Command
Remarks
1.
Enter system view.
system-view N/A
2.
(Optional.) Set an OUI value
for user authentication.
port-security oui index index-value
mac-address oui-value
By default, no OUI value is
configured for user authentication.
This command is required for the
userlogin-withoui mode.
You can set multiple OUIs, but
when the port security mode is
userlogin-withoui, the port allows
one 802.1X user and only one user
that matches one of the specified
OUIs.
3.
Enter interface view.
interface interface-type
interface-number
N/A
4.
Set the port security mode.
port-security port-mode
{ autolearn | mac-authentication |
mac-else-userlogin-secure |
mac-else-userlogin-secure-ext |
secure | userlogin |
userlogin-secure |
userlogin-secure-ext |
userlogin-secure-or-mac |
userlogin-secure-or-mac-ext |
userlogin-withoui }
By default, a port operates in
noRestrictions mode.
After enabling port security, you
can change the port security mode
of a port only when the port is
operating in noRestrictions (the
default) mode. To change the port
security mode for a port in any
other mode, first use the undo
port-security port-mode command
to restore the default port security
mode.
- H3C S5560 Series Switches H3C WX6000 Series Access Controllers H3C WX5000 Series Access Controllers H3C WX3000 Series Unified Switches H3C LSWM1WCM10 Access Controller Module H3C LSWM1WCM20 Access Controller Module H3C LSQM1WCMB0 Access Controller Module H3C LSRM1WCM2A1 Access Controller Module H3C LSBM1WCM2A0 Access Controller Module H3C S9800 Series Switches H3C S5130 Series Switches H3C S5120 Series Switches