Configuration Procedure; Ignoring Authorization Information From The Server; Displaying And Maintaining Port Security - H3C S5830V2 Security Configuration Manual

Configure the port to permit packets of the specified VLAN to pass or add the port to the VLAN.
•
Make sure the VLAN already exists.

Configuration procedure

To configure a secure MAC address:
Step
1. Enter system view.
2. (Optional.) Set the
secure MAC aging
timer.
3. Configure a secure
MAC address.

Ignoring authorization information from the server

You can configure a port to ignore the authorization information received from the server (an RADIUS
server or the local device) after an 802.1X user or MAC authentication user passes authentication.
To configure a port to ignore authorization information from the server:
Step
1. Enter system view.
2. Enter interface view.
3. Ignore the authorization
information received from the
authentication server.

Displaying and maintaining port security

Execute display commands in any view:
Task
Display the port security configuration,
operation information, and statistics.
Command
system-view
port-security timer autolearn aging
time-value
•
In system view:
port-security mac-address security
[sticky] mac-address interface
interface-type interface-number vlan
vlan-id
•
In interface view:
a. interface interface-type
interface-number
b. port-security mac-address
security [ sticky ] mac-address
vlan vlan-id
Command
system-view
interface interface-type
interface-number
port-security authorization ignore
Command
display port-security [ interface interface-type interface-number ]
94
Remarks
N/A
By default, secure MAC addresses
do not age out.
Use either method.
No secure MAC address exists by
default.
In the same VLAN, a MAC address
cannot be specified as both a static
secure MAC address and a sticky
MAC address.
Remarks
N/A
N/A
By default, a port uses the
authorization information received
from the authentication server.