Item
Enable Outbound
Restriction
Ignore
Authorization
Configuring permitted OUIs
1.
From the navigation tree, select Authentication > Port Security.
2.
In the Advanced Port Security Configuration area, click Permitted OUIs.
Figure 339 Permitted OUIs
3.
Enter the 48-bit MAC address in the format of H-H-H in the OUI Value box and click Add.
The system automatically saves the first 24 bits as an OUI value.
Port security configuration examples
Basic port security mode configuration example
Network requirements
As shown in
Allow up to three users to access the port without authentication and permit the port to learn the
•
MAC addresses of the users as secure MAC addresses.
•
After the number of secure MAC addresses reaches three, the port stops learning MAC addresses.
If an unknown MAC address frame arrives, intrusion protection is triggered and the port is disabled
and stays silence for 30 seconds.
Description
Select the box to enable the outbound traffic control, and select a control method.
Available control methods include:
•
Only MAC-Known Unicasts—Allows only unicasts frames with their destination MAC
addresses being authenticated to pass through.
•
Only Broadcasts and MAC-Known Unicasts—Allows only broadcast and unicasts
packets with their destination MAC addresses being authenticated to pass through.
•
Only Broadcasts, Multicasts, and MAC-Known Unicasts—Allows only broadcast,
multicast, and unicasts packets with their destination MAC addresses being
authenticated to pass through.
Select the box to configure the port to ignore the authorization information from the
authentication server.
The authorization information is delivered by the authentication server to the device after
an 802.1X user or MAC authenticated user passes authentication.
Figure
340, configure port GigabitEthernet 1/0/1 of the switch:
340