beautypg.com

Configuring permitted oui, Table 93 – H3C Technologies H3C WX3000E Series Wireless Switches User Manual

Page 341

background image

328

Table 93 Configuration items

Item Description

Port

Select the port where you want to configure port security.
By default, port security is disabled on all ports and access to the ports is not

restricted.

Security Mode

Select a port security mode.
For more information about advanced security modes, see H3C WX3000E Series

Wireless Switches Switching Engine Configuration Guide.

Enable Intrusion
Protection

Select the option to enable intrusion protection, and select the action to take upon
detection of illegal frames.
Available actions include:

Disable Port Temporarily—Disables the port for a period of time. The period can

be configured in the global settings. For more information, see "

Configuring

global settings for port security

."

Disable Port Permanently—The port will not come up unless being brought up

manually.

Block MAC—Adds the source MAC addresses of illegal frames to the blocked

MAC addresses list and discards the frames. All subsequent frames sourced from

a blocked source MAC address will be dropped. A blocked MAC address is

restored to normal state after being blocked for three minutes. The interval is fixed
and cannot be changed.

Enable Outbound
Restriction

Select the option to enable the outbound traffic control and select the control method.
Available control methods include:

Only MAC-Known Unicasts—Allows only unicasts frames with their destination

MAC addresses being authenticated to pass through.

Only Broadcasts and MAC-Known Unicasts—Allows only broadcast and unicasts

packets with their destination MAC addresses being authenticated to pass

through.

Only Broadcasts, Multicasts, and MAC-Known Unicasts—Allows only broadcast,

multicast, and unicasts packets with their destination MAC addresses being

authenticated to pass through.

Ignore Authorization

Select the option to configure the port to ignore the authorization information from
the RADIUS server.
The authorization information is delivered by the RADIUS server to the device after

an 802.1X user or MAC authenticated user passes RADIUS authentication.

Configuring permitted OUI

1.

From the navigation tree, select Authentication > Port Security to enter the page as shown in

Figure

309

.

2.

In the Advanced Port Security Configuration area, click Permitted OUIs to expand the area.

See also other documents in the category H3C Technologies Routers: