Port-Security - HP ProCurve 5400zl Reference Manual
Command line interface, switch software
Hide thumbs
Also See for ProCurve 5400zl:
- Installation and getting started manual (135 pages) ,
- Quickspecs (101 pages) ,
- Technical overview (65 pages)
Table of Contents
Advertisement
OVERVIEW
Category:
Primary context:
Related Commands
Usage: [no] port-security [ethernet] PORT-LIST
[learn-mode <continuous|static|configured|
[address-limit <1-32>]
[mac-address MAC-ADDR [MAC-ADDR ...]]
[action <none|send-alarm|send-disable>]
[clear-intrusion-flag]
Description: Set the port-security operation(s) for each port in port list.
Parameters:
o learn-mode <continuous|static|configured|limited-continuous|port-access>
o address-limit <1-N> - This parameter is valid only when the learn-mode
o mac-address MAC-ADDR ... - This 12-hex digit parameter is only valid
© 2009 Hewlett-Packard Development Company, L.P.
Port Security
config
show (page 511)
show (page 511)
limited-continuous|port-access>]
If 'continuous' is specified, the port continually learns new
addresses on the port. If 'static' is specified, the user
can configure addresses that are authorized to use on that port
and let the switch learn the remaining addresses up to the
specified address-limit. If 'configured' is specified, up
to address-limit configured addresses are authorized. Use the
'address-limit' parameter to specify the maximum number of
static addresses for the port.
The 'port-access' instructs the device to learn only the MAC
addresses authorized by 802.1X or Web/MAC authentication
subsystem. After a MAC address is authorized, only traffic
from the authorized MAC address is allowed.
If 'limited-continuous' is specified, the first
'address-limit' source MAC addresses heard on this
port become the authorized addresses. When new authorized
addresses are learned, they are stored in a table. When
the table has reached its 'address-limit', any
new source MAC addresses received on the port
constitutes an intrusion. The authorized addresses in
this mode will age out of the system, therefore the
list of authorized addresses can be dynamic over time.
is static, configured, or limited-continuous.
It defines the number of MAC address that the table for the
given port will hold. For static and configured N is equal
to 8. For limited-continuous N is equal to 32.
when the learn-mode is static. The parameter is used to configure
the addresses that are authorized to use the port. The maximum
number of authorized addresses that may be configured and
learned is 8. If the number of configured addresses is less
than the address-limit, the switch will learn the remaining
number of addresses. Several addresses can be specified in
one command line.
port-security
400
Advertisement
Table of Contents
