Port Security Configuration Examples; Autolearn Configuration Example - HP FlexNetwork 10500 Series Security Configuration Manual

Port security configuration examples

autoLearn configuration example

Network requirements
As shown in
requirements:
•
Accept up to 64 users without authentication.
•
Be permitted to learn and add MAC addresses as sticky MAC addresses, and set the secure
MAC aging timer to 30 minutes.
•
Stop learning MAC addresses after the number of secure MAC addresses reaches 64. If any
frame with an unknown MAC address arrives, intrusion protection starts, and the port shuts
down and stays silent for 30 seconds.
Figure 68 Network diagram
Configuration procedure
# Enable port security.
<Device> system-view
[Device] port-security enable
# Set the secure MAC aging timer to 30 minutes.
[Device] port-security timer autolearn aging 30
# Set port security's limit on the number of secure MAC addresses to 64 on port GigabitEthernet
1/0/1.
[Device] interface gigabitethernet 1/0/1
[Device-GigabitEthernet1/0/1] port-security max-mac-count 64
# Set the port security mode to autoLearn.
[Device-GigabitEthernet1/0/1] port-security port-mode autolearn
# Configure the port to be silent for 30 seconds after the intrusion protection feature is triggered.
[Device-GigabitEthernet1/0/1] port-security intrusion-mode disableport-temporarily
[Device-GigabitEthernet1/0/1] quit
[Device] port-security timer disableport 30
Verifying the configuration
# Verify the port security configuration.
[Device] display port-security interface gigabitethernet 1/0/1
Port security parameters:
Port security
AutoLearn aging time
Disableport timeout
Figure 68, configure port GigabitEthernet 1/0/1 on the device to meet the following
: Enabled
: 30 min
: 30 s
203