Analysis, Solution, Symptom – H3C Technologies H3C S7500E Series Switches User Manual

9-23

Analysis

No secure MAC address can be configured on a port operating in a port security mode other than

autoLearn.

Solution

Set the port security mode to autoLearn.

[Switch-GigabitEthernet2/0/1] undo port-security port-mode

[Switch-GigabitEthernet2/0/1] port-security max-mac-count 64

[Switch-GigabitEthernet2/0/1] port-security port-mode autolearn

[Switch-GigabitEthernet2/0/1] port-security mac-address security 1-1-2 vlan 1

Cannot Change Port Security Mode When a User Is Online

Symptom

Port security mode cannot be changed when an 802.1X authenticated or MAC authenticated user is

online.

[Switch-GigabitEthernet2/0/1] undo port-security port-mode

Error:Cannot configure port-security for there is 802.1X user(s) on line on port

GigabitEthernet2/0/1.

Analysis

Changing port security mode is not allowed when an 802.1X authenticated or MAC authenticated user

is online.

Solution

Use the cut command to forcibly disconnect the user from the port before changing the port security

mode.

[Switch-GigabitEthernet2/0/1] quit

[Switch] cut connection interface gigabitethernet 2/0/1

[Switch] interface gigabitethernet 2/0/1

[Switch-GigabitEthernet2/0/1] undo port-security port-mode