Configuring Secure Mac Addresses; Ignoring The Authorization Information From The Server - 3Com Switch 4800G 24-Port Configuration Manual
Switch 4800g family 24-port, pwr 24-port, 48-port, pwr 48-port, 24-port sfp
Hide thumbs
Also See for Switch 4800G 24-Port:
- Product manual (13 pages) ,
- Datasheet (8 pages) ,
- Configuration manual (27 pages)
Table of Contents
Advertisement
1168
C
91: P
HAPTER
ORT
Configuring Secure
MAC Addresses
Configuration
Prerequisites
Configuration Procedure
Ignoring the
Authorization
Information from the
Server
S
C
ECURITY
ONFIGURATION
To do...
Enter system view
Enable port security traps
Secure MAC addresses are special MAC addresses. They never age out or get lost
if saved before the device restarts. One secure MAC address can be added to only
one port in the same VLAN. Thus, you can bind a MAC address to one port in the
same VLAN.
Secure MAC addresses can be learned by a port working in autoLearn mode. You
can also manually configure them through the command line interface (CLI) or
management information base (MIB).
Enable port security
■
Set the maximum number of secure MAC addresses allowed on the port
■
Set the port security mode to autoLearn
■
Follow these steps to configure a secure MAC address:
To do...
Enter system view
Configure a
secure MAC
address
n
The configured secure MAC addresses are saved in the configuration file and will
not get lost when the port goes up or goes down. After you save the
configuration file, the secure MAC address saved in the configuration file are
maintained even after the device restarts.
After an 802.1x user or MAC authenticated user passes RADIUS authentication,
the RADIUS server delivers the authorization information to the device. You can
configure a port to ignore the authorization information from the RADIUS server.
Follow these steps to configure a port to ignore the authorization information
from the RADIUS server:
Use the command...
system-view
port-security trap { addresslearned
| dot1xlogfailure | dot1xlogoff |
dot1xlogon | intrusion |
ralmlogfailure | ralmlogoff |
ralmlogon }
Use the command...
system-view
In system view
port-security
mac-address security
mac-address interface
interface-type
interface-number vlan
vlan-id
In Ethernet port
interface interface-type
view
interface-number
port-security
mac-address security
mac-address vlan vlan-id
Remarks
-
Required
By default, no port
security trap is
enabled.
Remarks
-
Required
Use either approach
No secure MAC address is
configured by default.
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
