HP procurve switch 2600 series Access Security Manual page 197
Hide thumbs
Also See for procurve switch 2600 series:
- Installation and getting started manual (116 pages) ,
- Manual (300 pages) ,
- Management and configuration manual (547 pages)
Table of Contents
Advertisement
HPswitch(config)# port-security a1 learn-mode static
mac-address 0c0090-123456 action send-disable
This example configures port A5 to:
Allow two MAC addresses, 00c100-7fec00 and 0060b0-889e00, as the
■
authorized devices.
■
Send an alarm to a management station if an intruder is detected on
the port.
HPswitch(config)# port-security a5 learn-mode static
address-limit 2 mac-address 00c100-7fec00 0060b0-889e00
action send-alarm
If you manually configure authorized devices (MAC addresses) and/or an
alarm action on a port, those settings remain unless you either manually
change them or reset the switch to its factory-default configuration. You can
"turn off" device authorization on a port by configuring the port to continuous
Learn Mode, but subsequently reconfiguring the port to static Learn Mode
restores the configured device authorization.
Learn-Mode Configured. This option allows only MAC addresses specifi
cally configured with learn-mode configured mac-address < mac-address >, and
does not automatically learn non-specified MAC addresses learned from the
network. This example configures port A1 to:
■
Allow only a MAC address of 0c0090-123456 as the authorized device
■
Reserve the option for adding two more specified MAC addresses at
a later time without having to change the address-limit setting.
■
Send an alarm to a management station if an intruder is detected on
the port.
HPswitch(config)# port-security A1 learn-mode configured
mac-address 0c0090-123456 address-limit 3 action send-
disable
Adding a MAC Address to an Existing Port List
To simply add a device (MAC address) to a port's existing Authorized
Addresses list, enter the port number with the mac-address parameter and the
device's MAC address. This assumes that Learn Mode is either static or
configured and the Authorized Addresses list is not already full (as deter
mined by the current address-lmit value). For example, suppose port A1 allows
two authorized devices, but has only one device in its Authorized Address list:
Configuring and Monitoring Port Security
Port Security Command Options and Operation
8-13
Advertisement
Table of Contents
