HP 6125XLG R2306-HP 6125XLG Blade Switch Security Configuration Guide - Page 100
Setting port security's limit on the number of secure MAC addresses on a port, Setting the port
View all HP 6125XLG manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 100 highlights
You can use the undo port-security enable command to disable port security. Because it logs off the online users, make sure no online users are present. Enabling or disabling port security resets the following security settings to the default: • 802.1X access control mode is MAC-based, and the port authorization state is auto. • Port security mode is noRestriction. For more information about 802.1X authentication and MAC authentication configuration, see "Configuring 802.1X" and "Configuring MAC authentication." Setting port security's limit on the number of secure MAC addresses on a port You can set the maximum number of secure MAC addresses that port security allows on a port for the following purposes: • Controlling the number of concurrent users on the port. For a port operating in a security mode that performs MAC authentication, 802.1X authentication, or both, the maximum number of concurrent users on the port equals this limit or the limit of the authentication mode in use, whichever is smaller. • Controlling the number of secure MAC addresses on the port in autoLearn mode. The port security's limit on the number of secure MAC addresses on a port is independent of the MAC learning limit described in MAC address table configuration in Layer 2-LAN Switching Configuration Guide. To set the maximum number of secure MAC addresses allowed on a port: Step 1. Enter system view. 2. Enter interface view. 3. Set the maximum number of secure MAC addresses allowed on a port. Command system-view interface interface-type interface-number port-security max-mac-count count-value Remarks N/A N/A By default, port security does not limit the number of secure MAC addresses on a port. Setting the port security mode Before you set a port security mode for a port, complete the following tasks: • Disable 802.1X and MAC authentication. • Verify that the port does not belong to any aggregation group or service loopback group. • If you are configuring the autoLearn mode, set port security's limit on the number of secure MAC addresses. You cannot change the setting when the port is operating in autoLearn mode. Follow these guidelines when you set the port security mode: • You can specify a port security mode when port security is disabled, but your configuration cannot take effect. • Changing the port security mode of a port logs off the online users of the port. 91