Setting the port security mode – H3C Technologies H3C WX3000E Series Wireless Switches User Manual

227

NOTE:

This configuration is independent of the MAC learning limit described in MAC address table configuration
in the

Layer 2 Configuration Guide.

Setting the port security mode

Before you set a port security mode for a port, complete the following tasks:

•

Disable 802.1X and MAC authentication.

•

Check that the port does not belong to any aggregation group or service loopback group.

NOTE:
•

You can specify a port security mode when port security is disabled, but your configuration cannot take
effect.

•

You cannot change the port security mode of a port when online users are present.

To enable a port security mode:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Set an OUI value for
user authentication.

port-security oui oui-value index
index-value

Optional.
Not configured by default.
The command is required for the

userlogin-withoui mode.

3.

Enter interface view.

interface interface-type
interface-number

To specify the userloginWithOUI
mode, you must enter Layer 2 Ethernet
interface view or WLAN-ESS interface

view.

4.

Set the port security
mode.

port-security port-mode
{ mac-authentication |

mac-else-userlogin-secure |

mac-else-userlogin-secure-ext | secure
| userlogin | userlogin-secure |

userlogin-secure-ext |

userlogin-secure-or-mac |
userlogin-secure-or-mac-ext |

userlogin-withoui }

By default, a port operates in
noRestrictions mode.

NOTE:
•

A port in userLoginWithOUI mode allows only one 802.1X user and one user whose MAC address
contains any specified OUI to pass authentication concurrently.

•

After enabling port security, you can change the port security mode of a port only when the port is
operating in noRestrictions (the default) mode. To change the port security mode for a port in any other

mode, use the undo port-security port-mode command to restore the default port security mode first.