HP 3600 v2 Series Security Configuration Manual page 222
Hide thumbs
Also See for 3600 v2 Series:
- Command reference manual (510 pages) ,
- Configuration manual (449 pages) ,
- Installation manual (62 pages)
Table of Contents
Advertisement
Figure 88 Network diagram
Configuration procedure
# Enable port security.
<Device> system-view
[Device] port-security enable
# Set the secure MAC aging timer to 30 minutes.
[Device] port-security timer autolearn aging 30
# Enable intrusion protection traps on port Ethernet 1/0/1.
[Device] port-security trap intrusion
[Device] interface ethernet 1/0/1
# Set port security's limit on the number of MAC addresses to 64 on the port.
[Device-Ethernet1/0/1] port-security max-mac-count 64
# Set the port security mode to autoLearn.
[Device-Ethernet1/0/1] port-security port-mode autolearn
# Configure the port to be silent for 30 seconds after the intrusion protection feature is triggered.
[Device-Ethernet1/0/1] port-security intrusion-mode disableport-temporarily
[Device-Ethernet1/0/1] quit
[Device] port-security timer disableport 30
Verifying the configuration
# Display the port security configuration.
<Device> display port-security interface ethernet 1/0/1
Equipment port-security is enabled
Intrusion trap is enabled
AutoLearn aging time is 30 minutes
Disableport Timeout: 30s
OUI value:
Ethernet1/0/1 is link-up
Port mode is autoLearn
NeedToKnow mode is disabled
Intrusion Protection mode is DisablePortTemporarily
Max MAC address number is 64
Stored MAC address number is 0
Authorization is permitted
The output shows that the port security's limit on the number of secure MAC addresses on the port is 64,
the port security mode is autoLearn, intrusion protection traps are enabled, and the intrusion protection
action is disabling the port (DisablePortTemporarily) for 30 seconds.
211
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
