beautypg.com

Setting the port security mode – H3C Technologies H3C S3600 Series Switches User Manual

Page 200

background image

1-10

Setting the Port Security Mode

Follow these steps to set the port security mode:

To do...

Use the command...

Remarks

Enter system view

system-view

Set the OUI value for user
authentication

port-security oui OUI-value
index index-value

Optional

In userLoginWithOUI mode, a
port allows only one 802.1X
user and one user whose
source MAC address contains
a specified OUI to pass
authentication at the same
time.

Enter Ethernet port view

interface interface-type
interface-number

Set the port security mode

port-security port-mode
{ autolearn |
mac-and-userlogin-secure |
mac-and-userlogin-secure-e
xt | mac-authentication |
mac-else-userlogin-secure |
mac-else-userlogin-secure-e
xt | secure | userlogin |
userlogin-secure |
userlogin-secure-ext |
userlogin-secure-or-mac |
userlogin-secure-or-mac-ext
| userlogin-withoui }

Required

By default, a port operates in
noRestriction mode. In this
mode, access to the port is not
restricted.

You can set a port security
mode as needed.

z

Before setting the port to operate in the autoLearn mode, be sure to set the maximum number of

secure MAC addresses allowed on the port with the port-security max-mac-count command.

z

When the port operates in the autoLearn mode, you cannot change the maximum number of

secure MAC addresses allowed on the port.

z

After you set the port security mode to autoLearn, you cannot configure any static or blackhole

MAC addresses on the port.

z

After enabling port security, you can change the port security mode of a port only when the port is

operating in noRestriction mode, the default mode. To change the port security mode of a port

operating in any other mode, use the undo port-security port-mode command to restore the

default port security mode first.

If the port-security port-mode mode command has been executed on a port, none of the following can

be configured on the same port:

z

Maximum number of secure MAC addresses that the port can learn

z

Reflector port for port mirroring

z

Fabric port

z

Link aggregation

This manual is related to the following products:
See also other documents in the category H3C Technologies Routers: