Port Security Configuration Examples; Configuring The Autolearn Mode - HP 5120 EI Switch Series Configuration Manual

To do...
Display information about secure
MAC addresses
Display information about
blocked MAC addresses

Port security configuration examples

Configuring the autoLearn mode

Network requirements
Configure port GigabitEthernet 1/0/1 on the switch:
 Allow up to 64 users on the port without authentication.
 Permit the port to learn and add the MAC addresses as sticky MAC address, and set the sticky MAC
aging timer to 30 minutes.
After the number of secure MAC addresses reaches 64, the port stops learning MAC addresses. If

any frame with an unknown MAC address arrives, intrusion protection is triggered and the port is
disabled and stays silent for 30 seconds.
Figure 47 Network diagram for configuring the autoLearn mode
192.168.1.1/24
Host
Configuration procedure
Configure port security.
1.
# Enable port security.
<Switch> system-view
[Switch] port-security enable
# Set the sticky MAC aging timer to 30 minutes.
[Switch] port-security timer autolearn aging 30
# Enable port security traps for intrusion protection.
[Switch] port-security trap intrusion
[Switch] interface gigabitethernet 1/0/1
# Set the maximum number of secure MAC addresses allowed on the port to 64.
[Switch-GigabitEthernet1/0/1] port-security max-mac-count 64
# Set the port security mode to autoLearn.
Use the command...
display port-security mac-address
security [ interface interface-type
interface-number ] [ vlan vlan-id ]
[ count ] [ | { begin | exclude |
include } regular-expression ]
display port-security mac-address
block [ interface interface-type
interface-number ] [ vlan vlan-id ]
[ count ] [ | { begin | exclude |
include } regular-expression ]
GE1/0/1
Switch
Internet
150
Remarks
Available in any view
Available in any view