Configuring Port Security Features; Configuring Ntk; Configuring Intrusion Protection - H3C S5500-EI series Operation Manual
Hide thumbs
Also See for S5500-EI series:
- Configuration manual (490 pages) ,
- Security configuration manual (448 pages) ,
- Operation manual (216 pages)
Table of Contents
Advertisement
Operation Manual – Port Security
H3C S5500-EI Series Ethernet Switches
To do...
Enter system view
Enter Ethernet
port view
Set the port
security mode
Note:
On a port operating in either macAddressElseUserLoginSecure mode or
macAddressElseUserLoginSecureExt mode, intrusion protection is triggered only after
both MAC authentication and 802.1x authentication for the same frame fail.
1.6 Configuring Port Security Features
1.6.1 Configuring NTK
Follow these steps to configure the NTK feature:
Enter system view
Enter Ethernet port view
Configure the NTK feature
1.6.2 Configuring Intrusion Protection
Follow these steps to configure the intrusion protection feature:
system-view
interface interface-type
interface-number
port-security port-mode
{ mac-authentication |
mac-else-userlogin-secure |
mac-else-userlogin-secure-ext |
secure | userlogin | userlogin-secure |
userlogin-secure-ext |
userlogin-secure-or-mac |
userlogin-secure-or-mac-ext }
To do...
system-view
interface interface-type
interface-number
port-security ntk-mode
{ ntk-withbroadcasts |
ntk-withmulticasts |
ntkonly }
Chapter 1 Port Security Configuration
Use the command...
Use the command...
1-8
Remarks
—
—
Required
By default, a port
operates in
noRestrictions
mode.
Remarks
—
—
Required
Be default, NTK is
disabled on a port and all
frames are allowed to be
sent.
Advertisement
Chapters
Table of Contents
Troubleshooting
