Configuration Procedure; Ignoring Authorization Information From The Server - HP 3600 v2 Series Security Configuration Manual

Configuration procedure

Follow these steps to configure a secure MAC address:
To do...
Enter system view
Set the secure MAC aging timer
Configure a secure MAC
address
Enter Layer 2 Ethernet interface
view
Enable secure MAC aging delay
Enable the dynamic secure MAC
function
NOTE:
You can display dynamic secure MAC addresses only by using the display port-security mac-address
security command.

Ignoring authorization information from the server

The authorization information is delivered by the RADIUS server to the device after an 802.1X user or
MAC authenticated user passes RADIUS authentication. You can configure a port to ignore the
authorization information from the RADIUS server.
Use the command...
system-view
port-security timer autolearn aging
time-value
Approach 1 (in system view):
port-security mac-address security
[ sticky] mac-address interface
interface-type interface-number
vlan vlan-id
Approach 2 (in interface view):
interface interface-type
interface-number
port-security mac-address security
[ sticky] mac-address vlan vlan-id
quit
interface interface-type
interface-number
port-security mac-address
aging-type inactivity
port-security mac-address dynamic
209
Remarks
—
Optional
By default, secure MAC addresses
do note age out, and you can
remove them only by performing the
undo port-security mac-address
security command, changing the
port security mode, or disabling the
port security feature.
Required
Use either approach
No secure MAC address exists by
default.
—
Optional
By default, a stick or dynamic MAC
address is deleted immediately
when the secure MAC aging timer
expires.
Optional
By default, sticky MAC addresses
can be saved to the configuration
file, and once saved, can survive a
device reboot.