Port Security Configuration Examples; Configuring The Autolearn Mode - HP 4800G Series Configuration Manual

To do...
Display information about
blocked MAC addresses

Port Security Configuration Examples

Configuring the autoLearn Mode

Network requirements
Restrict port GigabitEthernet 1/0/1 of the switch as follows:
Allow up to 64 users to access the port without authentication and permit the port to learn and add
the MAC addresses of the users as secure MAC addresses.
After the number of secure MAC addresses reaches 64, the port stops learning MAC addresses. If
any frame with an unknown MAC address arrives, intrusion protection is triggered and the port is
disabled and stays silence for 30 seconds.
Figure 1-1 Network diagram for configuring the autoLearn mode
Configuration procedure
1) Configure port security
# Enable port security.
<Switch> system-view
[Switch] port-security enable
# Enable intrusion protection trap.
[Switch] port-security trap intrusion
[Switch] interface gigabitethernet 1/0/1
# Set the maximum number of secure MAC addresses allowed on the port to 64.
[Switch-GigabitEthernet1/0/1] port-security max-mac-count 64
# Set the port security mode to autoLearn.
[Switch-GigabitEthernet1/0/1] port-security port-mode autolearn
# Configure the port to be silent for 30 seconds after the intrusion protection feature is triggered.
[Switch-GigabitEthernet1/0/1] port-security intrusion-mode disableport-temporarily
[Switch-GigabitEthernet1/0/1] quit
[Switch] port-security timer disableport 30
2) Verify the configuration
After completing the above configurations, you can use the following command to view the port security
configuration information:
<Switch> display port-security interface gigabitethernet 1/0/1
Use the command...
display port-security mac-address block
[ interface interface-type interface-number ]
[ vlan vlan-id ] [ count ]
1-11
Remarks
Available in any
view