Enabling Port Security; Setting Port Security's Limit On The Number Of Secure Mac Addresses On A Port - HP FlexFabric 5700 Series Security Configuration Manual

Tasks at a glance
(Optional.)
(Optional.)
(Optional.)
(Optional.)

Enabling port security

Before you enable port security, disable 802.1X and MAC authentication globally.
When port security is enabled, you cannot enable 802.1X or MAC authentication, or change the access
control mode or port authorization state. Port security automatically modifies these settings in different
security modes.
To enable port security:
Step
1. Enter system view.
2. Enable port security.
You can use the undo port-security enable command to disable port security. Because the command logs
off the online users, make sure no online users are present.
Enabling or disabling port security resets the following security settings to the default:
802.1X access control mode is MAC based.
•
802.1X port authorization state is auto.
•
For more information about 802.1X authentication and MAC authentication configuration, see
"Configuring
Setting port security's limit on the number of secure
MAC addresses on a port
You can set the maximum number of secure MAC addresses that port security allows on a port for the
following purposes:
• Controlling the number of concurrent users on the port.
For a port operating in a security mode (except for autoLearn and secure), the upper limit equals
the smaller of the following values:
The limit of the secure MAC addresses that port security allows.
The limit of concurrent users allowed by the authentication mode in use.
Controlling the number of secure MAC addresses on the port in autoLearn mode.
•
Ignoring authorization information from the server
Enabling MAC move
Applying NAS-ID profile to port security
Enabling the authorization-fail-offline feature
802.1X" and "Configuring MAC
Command
system-view
port-security enable
authentication."
177
Remarks
N/A
N/A
N/A
N/A
Remarks
N/A
By default, port security is
disabled.