3Com 7750 Series Command Reference Manual page 217

3Com Switch 7750 Series
Command Reference Guide – Port Security & Port Binding
Note:
If intrusion protection mode is set to disableport-temporarily on the port, the time set
by the port-security timer disableport command determines how long the system
temporarily disables the port when intrusion protection is triggered on the port.
Description
Use the port-security intrusion-mode command to set the action to be taken by the
device when intrusion protection is triggered on the port.
Use the undo port-security intrusion-mode command to cancel the action setting.
By default, no action is set.
Note:
By checking the source MAC addresses in inbound data frames or the username and
password in 802.1x authentication requests on a port, intrusion protection detects
illegal packets (packets with illegal MAC address) or events and takes a pre-set action
accordingly.
temporarily/permanently and blocking packets with invalid MAC addresses.
The following cases can trigger intrusion protection on a port:
A packet with unknown source MAC address is received on the port while MAC
address learning is disabled on the port.
A packet with unknown source MAC address is received on the port while the
amount of security MAC addresses on the port has reached the preset maximum
number.
The user fails the 802.1x or MAC address authentication.
After executing the intrusion-mode blockmac command, you can only use the
display port-security command to view blocked MAC addresses, which you cannot
configure as static MAC addresses.
Example
# Enter system view.
<3Com> system-view
System View: return to User View with Ctrl+Z.
# Enable port security.
[3Com] port-security enable
# Enter GigabitEthernet1/0/1 port view.
The actions you
1-5
Chapter 1 Port Security Commands
can set include: disconnecting the port