Step
2.
Enter Layer 2 Ethernet
interface view.
3.
Set the maximum number of
secure MAC addresses
allowed on a port.
Setting the port security mode
Before you set a port security mode for a port, complete the following tasks:
Disable 802.1X and MAC authentication.
•
Verify that the port does not belong to any aggregation group or service loopback group.
•
If you are configuring the autoLearn mode, set port security's limit on the number of secure MAC
•
addresses. You cannot change the setting when the port is operating in autoLearn mode.
Follow these guidelines when you set the port security mode:
You can specify a port security mode when port security is disabled, but your configuration cannot
•
take effect.
Changing the port security mode of a port logs off the online users of the port.
•
Do not enable 802.1X authentication or MAC authentication on a port where port security is
•
configured.
To enable a port security mode:
Step
1.
Enter system view.
(Optional.) Set an OUI value
2.
for user authentication.
Enter Layer 2 Ethernet
3.
interface view.
Command
interface interface-type
interface-number
port-security max-mac-count
count-value
Command
system-view
port-security oui index index-value
mac-address oui-value
interface interface-type
interface-number
150
Remarks
N/A
By default, port security does not
limit the number of secure MAC
addresses on a port.
Remarks
N/A
By default, no OUI value is
configured for user authentication.
This command is required for the
userlogin-withoui mode.
You can set multiple OUIs, but
when the port security mode is
userlogin-withoui, the port allows
one 802.1X user and only one user
that matches one of the specified
OUIs.
N/A