For detailed 802.1X configuration, refer to 802.1X Configuration in the Security Volume.
For detailed MAC-based authentication configuration, refer to MAC Authentication Configuration in
the Security Volume.
Setting the Maximum Number of Secure MAC Addresses
With port security enabled, more than one authenticated user is allowed on a port. The number of
authenticated users allowed, however, cannot exceed the specified upper limit.
By setting the maximum number of secure MAC addresses allowed on a port, you can:
Control the maximum number of users who are allowed to access the network through the port.
Control the number of secure MAC addresses that can be added with port security.
Follow these steps to set the maximum number of secure MAC addresses allowed on a port:
To do...
Enter system view
Enter interface view
Set the maximum number of
secure MAC addresses
allowed on a port
This configuration is different from that of the maximum number of MAC addresses that can be leaned
by the port in MAC address management.
Setting the Port Security Mode
Configuration Prerequisites
Before setting the port security mode, ensure that:
802.1X is disabled, the port access control method is macbased, and the port access control mode
is auto.
MAC authentication is disabled.
The port does not belong to any aggregation group or service loopback group.
(The above requirements must be all met. Otherwise, you will see an error message and your
configuration will fail. On the other hand, after setting the port security mode on a port, you cannot
change any configurations of the first three requirements.)
Use the command...
system-view
interface interface-type
interface-number
port-security max-mac-count
count-value
1-6
Remarks
—
—
Required
Not limited by default