HP 6125G HP 6125G & 6125G/XG Blade Switches Security Command Reference - Page 147
Keyword, Security mode, Description, port-security port-mode, port-security max-mac-count
View all HP 6125G manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 147 highlights
Keyword Security mode Description userlogin userLogin In this mode, a port performs 802.1X authentication and implements port-based access control. If one 802.1X user passes authentication, all the other 802.1X users of the port can access the network without authentication. userlogin-secure userLoginSecure In this mode, a port performs 802.1X authentication and implements MAC-based access control. It services only one user passing 802.1X authentication. userlogin-secure-e userLoginSecureEx Similar to the userLoginSecure mode except that this mode xt t supports multiple online 802.1X users. userlogin-secure-or -mac macAddressOrUse rLoginSecure This mode is the combination of the userLoginSecure and macAddressWithRadius modes. For wired users, the port performs MAC authentication 30 seconds after receiving non-802.1X frames and performs 802.1X authentication upon receiving 802.1X frames. userlogin-secure-or -mac-ext macAddressOrUse rLoginSecureExt Similar to the macAddressOrUserLoginSecure mode except that a port in this mode supports multiple 802.1X and MAC authentication users. userlogin-withoui userLoginWithOUI Similar to the userLoginSecure mode. In addition, a port in this mode also permits frames from a user whose MAC address contains a specific OUI (organizationally unique identifier). For wired users, the port performs 802.1X authentication upon receiving 802.1X frames, and performs OUI check upon receiving non-802.1X frames. Description Use port-security port-mode to set the port security mode of a port. Use undo port-security port-mode to restore the default. By default, a port operates in noRestrictions mode, where port security does not take effect. To change the security mode of a port security enabled port, you must set the port in noRestrictions mode first. When the port has online users, you cannot change port security mode. IMPORTANT: If you are configuring the autoLearn mode, first set port security's limit on the number of MAC addresses by using the port-security max-mac-count command. You cannot change the setting when the port is operating in autoLearn mode. When port security is enabled, you cannot manually enable 802.1X or MAC authentication, or change the access control mode or port authorization state. The port security automatically modifies these settings in different security modes. Related commands: display port-security. Examples # Enable port security and set port GigabitEthernet 1/0/1 in secure mode. system-view [Sysname] port-security enable [Sysname] interface gigabitethernet 1/0/1 138