beautypg.com

Enabling port security, Required.), Optional.) – H3C Technologies H3C S6300 Series Switches User Manual

Page 162: Addresses on a port

background image

147

Tasks at a glance

Remarks

(Optional.)

Ignoring authorization information from the server

N/A

(Optional.)

Enabling MAC move

N/A

Enabling port security

Before you enable port security, disable 802.1X and MAC authentication globally.
When port security is enabled, you cannot enable 802.1X or MAC authentication, or change the access
control mode or port authorization state. The port security automatically modifies these settings in

different security modes.
To enable port security:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Enable port security.

port-security enable

Port security is disabled.

You can use the undo port-security enable command to disable port security. Because it logs off the

online users, make sure no online users are present.
Enabling or disabling port security resets the following security settings to the default:

802.1X access control mode is MAC-based.

802.1X port authorization state is auto.

For more information about 802.1X authentication and MAC authentication configuration, see
"

Configuring 802.1X

" and "

Configuring MAC authentication

."

Setting port security's limit on the number of secure

MAC addresses on a port

You can set the maximum number of secure MAC addresses that port security allows on a port for the

following purposes:

Controlling the number of concurrent users on the port. For a port operating in a security mode that
performs MAC authentication, 802.1X authentication, or both, the maximum number of concurrent

users on the port equals this limit or the limit of the authentication mode in use, whichever is smaller.

Controlling the number of secure MAC addresses on the port in autoLearn mode.

The port security's limit on the number of secure MAC addresses on a port is independent of the MAC
learning limit described in MAC address table configuration in Layer 2—LAN Switching Configuration

Guide.
To set the maximum number of secure MAC addresses allowed on a port:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

This manual is related to the following products:
See also other documents in the category H3C Technologies Routers: