Before setting the security mode to autolearn, you need to use the port-security max-mac-count
command to configure the maximum number of MAC addresses allowed on the port.
When a port operates in the autolearn mode, you cannot change the maximum number of MAC
addresses allowed on the port.
After setting the security mode to autolearn, you cannot configure static or blackhole MAC
addresses on the port.
When the port security mode is not noRestriction, you need to use the undo port-security
port-mode command to change it back to noRestriction before you change the port security
mode to other modes.
On a port configured with a security mode, you cannot do the following:
Configure the maximum number of MAC addresses that can be learned.
Configure the port as a reflector port for port mirroring.
Configure the port as a Fabric port.
Configure link aggregation.
Related commands: display port-security.
Examples
# Set the security mode of Ethernet 1/0/1 on the switch to userLogin.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] port-security enable
[Sysname] interface Ethernet 1/0/1
[Sysname-Ethernet1/0/1] port-security port-mode userlogin
port-security timer disableport
Syntax
port-security timer disableport timer
undo port-security timer disableport
View
System view
Parameters
timer: This argument ranges from 20 to 300, in seconds.
Description
Use the port-security timer disableport command to set the time during which the system temporarily
disables a port.
Use undo port-security timer disableport command restore the default time.
By default, the system disables a port for 20 seconds.
1-16