Operation Manual – Port Security
H3C S5500-EI Series Ethernet Switches
To do...
Enter system view
Enter Ethernet
port view
Set the port
security mode
Note:
On a port operating in either macAddressElseUserLoginSecure mode or
macAddressElseUserLoginSecureExt mode, intrusion protection is triggered only after
both MAC authentication and 802.1x authentication for the same frame fail.
1.6 Configuring Port Security Features
1.6.1 Configuring NTK
Follow these steps to configure the NTK feature:
Enter system view
Enter Ethernet port view
Configure the NTK feature
1.6.2 Configuring Intrusion Protection
Follow these steps to configure the intrusion protection feature:
system-view
interface interface-type
interface-number
port-security port-mode
{ mac-authentication |
mac-else-userlogin-secure |
mac-else-userlogin-secure-ext |
secure | userlogin | userlogin-secure |
userlogin-secure-ext |
userlogin-secure-or-mac |
userlogin-secure-or-mac-ext }
To do...
system-view
interface interface-type
interface-number
port-security ntk-mode
{ ntk-withbroadcasts |
ntk-withmulticasts |
ntkonly }
Chapter 1 Port Security Configuration
Use the command...
Use the command...
1-8
Remarks
—
—
Required
By default, a port
operates in
noRestrictions
mode.
Remarks
—
—
Required
Be default, NTK is
disabled on a port and all
frames are allowed to be
sent.