Port security configuration task list, Enabling port security, Configuration prerequisites – H3C Technologies H3C S3600 Series Switches User Manual

1-8

z

In userLogin mode, neither NTK nor intrusion protection will be triggered. In any other port security

mode, the two features will be triggered upon detection of illegal frames.

z

In userLoginWithOUI mode, intrusion protection will not be triggered even if the OUI value does

not match.

z

When a port operates in either the macAddressElseUserLoginSecure mode or the

macAddressElseUserLoginSecureExt mode, intrusion protection will be triggered only after both

MAC authentication and 802.1X authentication on the same packet fail.

Port Security Configuration Task List

Complete the following tasks to configure port security:

Task

Remarks

Enabling Port Security

Required

Setting the Maximum Number of Secure MAC Addresses Allowed on a
Port

Optional

Setting the Port Security Mode

Required

Configuring the NTK feature

Configuring intrusion protection

Configuring Port Security
Features

Configuring trapping

Optional

Choose one or more
features as required.

Configuring Guest VLAN for a Port in macAddressOrUserLoginSecure
mode

Optional

Ignoring the Authorization Information from the RADIUS Server

Optional

Configuring Secure MAC Addresses

Optional

Enabling Port Security

Configuration Prerequisites

Before enabling port security, disable 802.1X and MAC authentication globally.

Enabling Port Security

Follow these steps to enable port security: