206
C
25: P
HAPTER
ORT
Displaying Port
Security Configuration
Port Security
Configuration
Example
Port Security
Configuration Example
S
C
ECURITY
ONFIGURATION
After the above configuration, you can use the display command in any view to
display port security information and verify your configuration.
Table 139 Display port security configuration
Operation
Display information about
port security configuration
Display information about
security MAC address
configuration
Network requirements
Implement access user restrictions through the following configuration on
GigabitEthernet 2/0/1 of the switch.
Allow a maximum of 80 users to access the port without authentication and
■
permit the port to learn and add the MAC addresses of the users as security
MAC addresses.
To ensure that Host can access the network, add the MAC address
■
0001-0002-0003 of Host as a security MAC address to the port in VLAN 1.
After the number of security MAC addresses reaches 80, the port stops
■
learning MAC addresses. If any frame with an unknown MAC address arrives,
intrusion protection is triggered and the port will be disabled and stay silent for
30 seconds.
Network diagram
Figure 53 Network diagram for port security configuration
Host
MAC:0001 -0002- 0003
Configuration procedure
# Enter system view.
<SW7750> system-view
# Enable port security.
[SW7750] port-security enable
# Enter GigabitEthernet 2/0/1 port view.
[SW7750] interface GigabitEthernet 2/0/1
Command
display port-security [ interface
interface-list ]
display mac-address security [ interface
interface-type interface-number ] [ vlan
vlan-id ] [ count ]
GE2/0/1
Switch
Internet
Description
You can
execute the
display
command in
any view.