HP 5120 SI series Command Reference Manual page 186
Hide thumbs
Also See for 5120 SI series:
- Security configuration manual (385 pages) ,
- Installation manual (48 pages) ,
- Specification (33 pages)
Table of Contents
Advertisement
Keyword
userlogin-secure-ext
userlogin-secure-or-mac
userlogin-secure-or-mac-
ext
userlogin-withoui
Description
Use the port-security port-mode command to set the port security mode of a port.
Use the undo port-security port-mode command to restore the default.
By default, a port operates in noRestrictions mode, where port security does not take effect.
•
Configuration of port security mode on a port is mutually exclusive with the configuration of 802.1X
authentication, port access control method, port authorization mode, and MAC authentication on
the port.
You can change the port security mode of a port only when the port is operating in noRestrictions
•
mode, the default mode. To restore the default port security mode, use the undo port-security
port-mode command.
Before configuring the port security mode to autoLearn, configure the maximum number of secure
•
MAC addresses on the port by using the port-security max-mac-count command.
You cannot change the port security mode of a port with users online.
•
Related commands: display port-security.
Examples
# Enable port security and configure the port security mode of port GigabitEthernet 1/0/1 as secure.
<Sysname> system-view
[Sysname] port-security enable
[Sysname] interface gigabitethernet 1/0/1
[Sysname-GigabitEthernet1/0/1] port-security port-mode secure
# Change the port security mode of port GigabitEthernet 1/0/1 to userLogin.
[Sysname-GigabitEthernet1/0/1] undo port-security port-mode
[Sysname-GigabitEthernet1/0/1] port-security port-mode userlogin
Security mode
userLoginSecureExt
macAddressOrUserL
oginSecure
macAddressOrUserL
oginSecureExt
userLoginWithOUI
175
Description
Similar to the userLoginSecure mode except that this mode
supports multiple online 802.1X users.
This mode is the combination of the userLoginSecure and
macAddressWithRadius modes.
For wired users, the port performs MAC authentication
upon receiving non-802.1X frames and performs 802.1X
authentication upon receiving 802.1X frames.
Similar to the macAddressOrUserLoginSecure mode
except that a port in this mode supports multiple 802.1X
and MAC authentication users.
Similar to the userLoginSecure mode. In addition, a port in
this mode also permits frames from a user whose MAC
address contains a specified OUI (organizationally unique
identifier).
For wired users, the port performs 802.1X authentication
upon receiving 802.1X frames, and performs OUI check
upon receiving non-802.1X frames.
- Quick Links:
- Command Reference
Hide quick links:
Advertisement
Table of Contents
