HP 6125G HP 6125G & 6125G/XG Blade Switches Security Command Reference - Page 146
port-security port-mode
View all HP 6125G manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 146 highlights
system-view [Sysname] port-security oui 000d-2a10-0033 index 4 port-security port-mode Syntax port-security port-mode { autolearn | mac-authentication | mac-else-userlogin-secure | mac-else-userlogin-secure-ext | secure | userlogin | userlogin-secure | userlogin-secure-ext | userlogin-secure-or-mac | userlogin-secure-or-mac-ext | userlogin-withoui } View undo port-security port-mode Layer 2 Ethernet interface view Default level 2: System level Parameters Keyword Security mode Description autolearn autoLearn In this mode, a port can learn MAC addresses, and allows frames sourced from learned or configured the MAC addresses to pass. The dynamically learned MAC addresses are secure MAC addresses. You can also configure secure MAC addresses by using the port-security mac-address security command. A secure MAC address never ages out by default. In addition, you can configure MAC addresses manually by using the mac-address dynamic and mac-address static commands for a port in autoLearn mode. When the number of secure MAC addresses reaches the upper limit set by the port-security max-mac-count command, the port changes to secure mode. mac-authentication macAddressWithR adius In this mode, a port performs MAC authentication for users and services multiple users. mac-else-userlogin -secure mac-else-userlogin -secure-ext macAddressElseUs erLoginSecure macAddressElseUs erLoginSecureExt This mode is the combination of the macAddressWithRadius and userLoginSecure modes, with MAC authentication having a higher priority. • A port in this mode performs MAC authentication 30 seconds after receiving a non-802.1X frame.. • Upon receiving an 802.1X frame, the port performs MAC authentication and then, if MAC authentication fails, 802.1X authentication. Similar to the macAddressElseUserLoginSecure mode except that a port in this mode supports multiple 802.1X and MAC authentication users. secure secure In this mode, MAC address learning is disabled on the port and you can configure MAC addresses by using the mac-address static and mac-address dynamic commands. The port permits only frames sourced from secure MAC addresses and MAC addresses you manually configured by using the mac-address static and mac-address dynamic commands. 137