Step
3.
Configure a secure MAC
address.
4.
Enter Layer 2 Ethernet
interface view.
5.
Enable inactivity aging.
6.
Enable the dynamic secure
MAC function.
NOTE:
You can display dynamic secure MAC addresses only by using the display port-security mac-address
security command.
Ignoring authorization information
The authorization information is delivered by the RADIUS server or the local device to an 802.1X user or
MAC authenticated user who passes RADIUS or local authentication. You can configure a port to ignore
the authorization information.
To configure a port to ignore the authorization information:
Step
1.
Enter system view.
2.
Enter Layer 2 Ethernet
interface view.
3.
Ignore the authorization
information from the RADIUS
server or the local device.
Displaying and maintaining port security
Command
•
In system view:
port-security mac-address
security [ sticky] mac-address
interface interface-type
interface-number vlan vlan-id
•
In interface view:
a.
interface interface-type
interface-number
b.
port-security mac-address
security [ sticky]
mac-address vlan vlan-id
c.
quit
interface interface-type
interface-number
port-security mac-address
aging-type inactivity
port-security mac-address dynamic
Command
system-view
interface interface-type
interface-number
port-security authorization ignore
204
Remarks
Use either method.
No secure MAC address exists by
default.
N/A
Optional.
By default, the inactivity aging
function is disabled.
Optional.
By default, sticky MAC addresses
can be saved to the configuration
file, and once saved, can survive a
device reboot.
Remarks
N/A
N/A
By default, a port uses the
authorization information from the
RADIUS server or the local device.