Configuring Security MAC Addresses
Enabling Port Security
Configuration Prerequisites
Before enabling port security, you need to disable 802.1x and MAC authentication globally.
Enabling Port Security
Follow these steps to enable port security:
To do...
Enter system view
Enable port security
Enabling port security resets the following configurations on the ports to the defaults (shown in
parentheses below):
802.1x (disabled), port access control method (macbased), and port access control mode (auto)
MAC authentication (disabled)
In addition, you cannot perform the above-mentioned configurations manually because these
configurations change with the port security mode automatically.
For details about 802.1x configuration, refer to the sections covering 802.1x and System-Guard.
For details about MAC authentication configuration, refer to the sections covering MAC
authentication configuration.
The port security feature does not support the quick EAD deployment feature in 802.1x.
Setting the Maximum Number of MAC Addresses Allowed on a Port
Port security allows more than one user to be authenticated on a port. The number of authenticated
users allowed, however, cannot exceed the configured upper limit.
By setting the maximum number of MAC addresses allowed on a port, you can
Control the maximum number of users who are allowed to access the network through the port
Control the number of Security MAC addresses that can be added with port security
Task
Use the command...
system-view
port-security enable
1-5
Remarks
Optional
Remarks
—
Required
Disabled by default