Table of Contents
Advertisement
Predefined user roles
network-admin
Usage guidelines
The authorization-fail-offline feature logs off port security users who fail ACL or user profile
authorization.
A user fails ACL or user profile authorization in the following situations:
•
The device fails to authorize the specified ACL or user profile to the user.
•
The server assigns a nonexistent ACL or user profile to the user.
If this feature is disabled, the device does not log off users who fail ACL or user profile authorization.
However, the device outputs messages to report the failure.
Examples
# Enable the authorization-fail-offline feature.
<Sysname> system-view
[Sysname] port-security authorization-fail offline
Related commands
display port-security
port-security enable
Use port-security enable to enable port security.
Use undo port-security enable to disable port security.
Syntax
port-security enable
undo port-security enable
Default
Port security is disabled.
Views
System view
Predefined user roles
network-admin
Usage guidelines
You must disable global 802.1X and MAC authentication before you enable port security on a port.
Enabling or disabling port security resets the following security settings to the default:
•
802.1X access control mode is MAC-based.
•
Port authorization state is auto.
When online users are present on a port, disabling port security logs off the online users.
Examples
# Enable port security.
<Sysname> system-view
[Sysname] port-security enable
7
Advertisement
Chapters
Table of Contents
