Setting The Port Security Mode; Configuration Prerequisites; Configuration Procedure - HP A5830 Series Configuration Manual

The port security's limit on the number of MAC addresses on a port is independent of the MAC learning
limit described in MAC address table configuration in Layer 2—LAN Switching Configuration Guide.

Setting the port security mode

Configuration prerequisites

Before you set a port security mode for a port, complete the following tasks:
Disable 802.1X and MAC authentication.
1.
Check that the port does not belong to any aggregation group or service loopback group.
2.
If you are configuring the autoLearn mode, set port security's limit on the number of MAC
3.
addresses. You cannot change the setting when the port is operating in autoLearn mode.
You can specify a port security mode when port security is disabled, but your configuration cannot take
effect.
You cannot change the port security mode of a port when online users are present.

Configuration procedure

To enable a port security mode:
To do...
1. Enter system view.
2. Set an OUI value for
user authentication.
3. Enter Layer 2 Ethernet
interface view.
4. Set the port security
mode.
An OUI, as defined by the IEEE, is the first 24 bits of the MAC address, which uniquely identifies a
device vendor.
A port in userLoginWithOUI mode allows only one 802.1X user and one user whose MAC address
contains any specified OUI to pass authentication concurrently.
Use the command...
system-view
port-security oui oui-value index
index-value
interface interface-type interface-
number
port-security port-mode { autolearn |
mac-authentication | mac-else-
userlogin-secure | mac-else-
userlogin-secure-ext | secure |
userlogin | userlogin-secure |
userlogin-secure-ext | userlogin-
secure-or-mac | userlogin-secure-or-
mac-ext | userlogin-withoui }
112
Remarks
—
Optional.
Not configured by default.
The command is required for the
userlogin-withoui mode.
—
Required.
By default, a port operates in
noRestrictions mode.