Setting the maximum number of secure mac addresses, Setting the port security mode, Configuration prerequisites – H3C Technologies H3C S7500E Series Switches User Manual

9-7

Setting the Maximum Number of Secure MAC Addresses

The maximum number of users a port supports in a port security mode is determined by the maximum

number of secure MAC addresses or the maximum number of authenticated users that the security

mode supports, whichever is smaller.

By setting the maximum number of MAC addresses allowed on a port, you can:

z

Control the number of secure MAC addresses that a port can learn for port security.

z

Control the maximum number of users who are allowed to access the network through the port.

Follow these steps to set the maximum number of secure MAC addresses allowed on a port:

To do…

Use the command…

Remarks

Enter system view

system-view

—

Enter interface view

interface interface-type

interface-number

—

Set the maximum number of

secure MAC addresses allowed on

a port

port-security max-mac-count

count-value

Required

Not limited by default

This configuration is independent of the MAC learning limit described in MAC Address Table

Configuration in the Layer 2 - LAN Switching Command Reference.

Setting the Port Security Mode

Configuration Prerequisites

Before setting the port security mode, ensure that:

z

On the port, 802.1X is disabled, the port access control method is macbased, and the port

authorization mode is auto.

z

MAC authentication is disabled on the port.

z

The port does not belong to any aggregation group or service loopback group.

(The requirements above must be all met. Otherwise, an error message appears when you set a

security mode on the port. On the other hand, after setting a port security mode on a port, you cannot

change any of the configurations above.)

z

Before configuring the port to operate in autoLearn mode, set the maximum number of secure

MAC addresses allowed on a port.