Setting the port security mode – H3C Technologies H3C S6300 Series Switches User Manual

148

Step Command

Remarks

2.

Enter Layer 2 Ethernet
interface view.

interface interface-type
interface-number

N/A

3.

Set the maximum number of
secure MAC addresses

allowed on a port.

port-security max-mac-count
count-value

By default, port security does not
limit the number of secure MAC
addresses on a port.

Setting the port security mode

Before you set a port security mode for a port, complete the following tasks:

•

Disable 802.1X and MAC authentication.

•

Verify that the port does not belong to any aggregation group.

•

If you are configuring the autoLearn mode, set port security's limit on the number of secure MAC
addresses. You cannot change the setting when the port is operating in autoLearn mode.

Follow these guidelines when you set the port security mode:

•

You can specify a port security mode when port security is disabled, but your configuration cannot
take effect.

•

Changing the port security mode of a port logs off the online users of the port.

•

Do not enable 802.1X authentication or MAC authentication on a port where port security is

configured.

To enable a port security mode:

Step Command

Remarks

1.

Enter system view.

system-view N/A

2.

(Optional.) Set an OUI value
for user authentication.

port-security oui index index-value
mac-address oui-value

By default, no OUI value is
configured for user authentication.
This command is required for the
userlogin-withoui mode.
You can set multiple OUIs, but

when the port security mode is
userlogin-withoui, the port allows

one 802.1X user and only one user

that matches one of the specified
OUIs.

3.

Enter Layer 2 Ethernet
interface view.

interface interface-type
interface-number

N/A