HP 6120XG HP ProCurve Series 6120 Blade Switches Access Security Guide - Page 419
Management and Configuration, Guide, learn-mode, static, con d, limited-continuous, address-limit
View all HP 6120XG manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 419 highlights
Configuring and Monitoring Port Security Port Security Syntax: port-security (Continued) mac-address [] [] . . . [] Available for learn-mode with the, static, configured, or limited-continuous option. Allows up to eight authorized devices (MAC addresses) per port, depending on the value specified in the address-limit parameter. The mac-address limited-continuous mode allows up to 32 authorized MAC addresses per port. If you use mac-address with static, but enter fewer devices than you specified in the address-limit field, the port accepts not only your specified devices, but also as many other devices as it takes to reach the device limit. For example, if you specify four devices, but enter only two MAC addresses, the port will accept the first two nonspecified devices it detects, along with the two specifically authorized devices. Learned addresses that become authorized do not age-out. See also "Retention of Static Addresses" on page 11-17. action < none | send-alarm | send-disable > Specifies whether an SNMP trap is sent to a network management station when Learn Mode is set to static and the port detects an unauthorized device, or when Learn Mode is set to continuous and there is an address change on a port. none: Prevents an SNMP trap from being sent. none is the default value. send-alarm: Sends an intrusion alarm. Causes the switch to send an SNMP trap to a network management station. send-disable: Sends alarm and disables the port. Available only in the static, port-access, configured, or limited learn modes. Causes the switch to send an SNMP trap to a network management station and disable the port. If you subsequently re-enable the port without clearing the port's intrusion flag, the port blocks further intruders, but the switch will not disable the port again until you reset the intrusion flag. See the Note on 11-32. For information on configuring the switch for SNMP management, refer to the Management and Configuration Guide for your switch. -Continued- 11-16