3com WX3000 User Manual
1-7
The WX3000 series devices do not support the ntkonly NTK feature.
Configuring intrusion protection
Follow these steps to configure the intrusion protection feature:
To do…
Use the command…
Remarks
Enter system view
system-view
—
Enter Ethernet port view
interface interface-type
interface-number
interface-number
—
Set the corresponding action to
be taken by the device when
intrusion protection is triggered
be taken by the device when
intrusion protection is triggered
port-security intrusion-mode
{ disableport |
disableport-temporarily |
blockmac }
{ disableport |
disableport-temporarily |
blockmac }
Required
By default, no action is taken
when intrusion protection is
triggered.
when intrusion protection is
triggered.
Return to system view
quit
—
Set the timer during which the
port remains disabled
port remains disabled
port-security timer
disableport timer
disableport timer
Optional
20 seconds by default
The port-security timer disableport command is used in conjunction with the port-security
intrusion-mode disableport-temporarily command to set the length of time during which the port
remains disabled.
If you configure the NTK feature and execute the port-security intrusion-mode blockmac command
on the same port, the device will be unable to disable the packets whose destination MAC address is
illegal from being sent out that port; that is, the NTK feature configured will not take effect on the packets
whose destination MAC address is illegal.
Configuring the Trap feature
Follow these steps to configure port security trapping: