Cannot Configure Secure Mac Addresses; Cannot Change Port Security Mode When A User Is Online - H3C S5500-EI series Operation Manual
Hide thumbs
Also See for S5500-EI series:
- Configuration manual (490 pages) ,
- Security configuration manual (448 pages) ,
- Operation manual (216 pages)
Table of Contents
Advertisement
Operation Manual – Port Security
H3C S5500-EI Series Ethernet Switches
Error:When we change port-mode, we should first change it to noRestrictions,
then change it to the other.
II. Analysis
For a port working in a port security mode other than noRestrictions, you cannot
change the port security mode by using the port-security port-mode command
directly.
III. Solution
Set the port security mode to noRestrictions first.
[Switch-GigabitEthernet1/0/1] undo port-security port-mode
[Switch-GigabitEthernet1/0/1] port-security port-mode autolearn
1.11.2 Cannot Configure Secure MAC Addresses
I. Symptom
Cannot configure secure MAC addresses.
[Switch-GigabitEthernet1/0/1] port-security mac-address security 1-1-2 vlan
1
Error:Can not operate security MAC address for current port mode is not
autoLearn!
II. Analysis
No secure MAC address can be configured on a port operating in a port security mode
other than autoLearn.
III. Solution
Set the port security mode to autoLearn.
[Switch-GigabitEthernet1/0/1] undo port-security port-mode
[Switch-GigabitEthernet1/0/1] port-security max-mac-count 64
[Switch-GigabitEthernet1/0/1] port-security port-mode autolearn
[Switch-GigabitEthernet1/0/1] port-security mac-address security 1-1-2 vlan
1
1.11.3 Cannot Change Port Security Mode When a User Is Online
I. Symptom
Port security mode cannot be changed when an 802.1x-authenticated or MAC
authenticated user is online.
[Switch-GigabitEthernet1/0/1] undo port-security port-mode
Chapter 1 Port Security Configuration
1-22
Advertisement
Chapters
Table of Contents
Troubleshooting
