3Com 4200G 12-Port Configuration Manual page 102
4200g series switch
Hide thumbs
Also See for 4200G 12-Port:
- Configuration manual (730 pages) ,
- Getting started manual (104 pages) ,
- Quick reference manual (43 pages)
Table of Contents
Advertisement
88
C
17: P
S
HAPTER
ORT
Configuring Port
Security
C
ECURITY
ONFIGURATION
Table 65 Description of the port security modes (Continued)
Security
mode
Description
userlogin-
The port opens only after the access user passes the
secure
802.1x authentication. Even after the port opens, only
the packets of the successfully authenticated user can
pass through the port.
In this mode, only one 802.1x-authenticated user is
allowed to access the port.
When the port changes from the normal mode to this
security mode, the system automatically removes the
already existing dynamic MAC address entries and
authenticated MAC address entries on the port.
userlogin-
This mode is similar to the userlogin-secure mode,
withoui
except that there can be one OUI-carried MAC address
being successfully authenticated in addition to the single
802.1x-authenticated user who is allowed to access the
port.
When the port changes from the normal mode to this
security mode, the system automatically removes the
already existing dynamic/authenticated MAC address
entries on the port.
mac-
In this mode, MAC address-based authentication is
authentication
performed for access users.
mac-or-
In this mode, the two kinds of authentication in
userlogin-
mac-authentication and userlogin-secure modes can
secure
be performed simultaneously. If both kinds of
authentication succeed, the userlogin-secure mode
takes precedence over the mac-authentication mode.
mac-else-
In this mode, first the MAC-based authentication is
userlogin
performed. If this authentication succeeds, the
mac-authentication mode is adopted, or else, the
authentication in userlogin-secure mode is performed.
userlogin-
This mode is similar to the userlogin-secure mode,
secure-ext
except that there can be more than one
802.1x-authenticated user on the port.
userlogin-
This mode is similar to the userlogin-secure-or-mac
secure-or-mac-
mode, except that there can be more than one
ext
802.1x-authenticated user on the port.
mac-or-
This mode is similar to the userlogin-secure-else-mac
userlogin-
mode, except that there can be more than one
secure-ext
802.1x-authenticated user on the port.
Table 66 Configure port security
Operation
Enter system view
Enable port security
Set OUI value for user
authentication
Enable the sending of
type-specific trap
messages
Enter Ethernet port
view
Command
system-view
port-security enable
port-security OUI OUI-value index
index-value
port-security trap { addresslearned |
intrusion | dot1xlogon | dot1xlogoff |
dot1xlogfailure | ralmlogon | ralmlogoff |
ralmlogfailure }*
interface interface-type interface-number
Feature
In these modes, only
the NTK and
Intrusion Protection
features take effect.
Description
—
Required
Optional
Optional
By default, sending of
trap messages is disabled.
—
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
