Configuring Trapping; Configuring Secure Mac Addresses - H3C S5500-EI series Operation Manual
Hide thumbs
Also See for S5500-EI series:
- Configuration manual (490 pages) ,
- Security configuration manual (448 pages) ,
- Operation manual (216 pages)
Table of Contents
Advertisement
Operation Manual – Port Security
H3C S5500-EI Series Ethernet Switches
Enter system view
Enter Ethernet port view
Configure the intrusion
protection feature
Return to system view
Set the silence timeout
during which a port
remains disabled
Note:
If
you
disableport-temporarily keyword, you can use the port-security timer disableport
command to set the silence timeout during which a port remains disabled.
1.6.3 Configuring Trapping
Follow these steps to configure port security trapping:
Enter system view
Enable port security traps
1.7 Configuring Secure MAC Addresses
Secure MAC addresses are special MAC addresses. They never age out or get lost if
saved before the device restarts. One secure MAC address can be added to only one
port in the same VLAN. Thus, you can bind a MAC address to one port in the same
VLAN.
Secure MAC addresses can be learned by a port working in autoLearn mode. You can
also manually configure them through the command line interface (CLI) or
management information base (MIB).
To do...
system-view
interface interface-type
interface-number
port-security
intrusion-mode
{ blockmac | disableport |
disableport-temporarily }
quit
port-security timer
disableport time-value
configure
the
port-security
To do...
system-view
port-security trap
{ addresslearned |
dot1xlogfailure | dot1xlogoff |
dot1xlogon | intrusion |
ralmlogfailure | ralmlogoff |
ralmlogon }
Chapter 1 Port Security Configuration
Use the command...
intrusion-mode
Use the command...
1-9
Remarks
—
—
Required
By default, intrusion
protection is disabled.
—
Optional
20 seconds by default
command
with
Remarks
—
Required
By default, no port
security trap is
enabled.
the
Advertisement
Chapters
Table of Contents
Troubleshooting
