Port Security Configuration For Userloginwithoui Mode - H3C S5500-EI series Operation Manual
Hide thumbs
Also See for S5500-EI series:
- Configuration manual (490 pages) ,
- Security configuration manual (448 pages) ,
- Operation manual (216 pages)
Table of Contents
Advertisement
Operation Manual – Port Security
H3C S5500-EI Series Ethernet Switches
Now, if you manually delete several secure MAC addresses, the port security mode of
the port will be restored to autoLearn, and the port will be able to learn MAC addresses
again.
1.10.2 Port Security Configuration for userLoginWithOUI Mode
I. Network requirements
The client is connected to the switch through port GigabitEthernet 1/0/1. The switch
authenticates the client by the RADIUS server. If the authentication succeeds, the client
is authorized to access the Internet.
Restrict port GigabitEthernet 1/0/1 of the switch as follows:
Allow only one 802.1x user to be authenticated.
Allow up to 16 OUI values to be configured and allow one additional user whose
MAC address has an OUI among the configured ones to access the port.
II. Network diagram
Figure 1-2 Network diagram for port security configuration for userLoginWithOUI
mode
III. Configuration procedure
Note:
The following configuration steps cover some AAA/RADIUS configuration
commands. For details about the commands, refer to AAA-RADIUS-HWTACACS
Configuration.
Configurations on the host and RADIUS servers are omitted.
1)
Configure the RADIUS protocol
# Create a RADIUS scheme named radsun.
<Switch> system-view
[Switch] radius scheme radsun
Chapter 1 Port Security Configuration
1-14
Advertisement
Chapters
Table of Contents
Troubleshooting
