3com WX3000 User Manual

 

1-10 

z 

To ensure that Host can access the network, add the MAC address 0001-0002-0003 of Host as a 

security MAC address to the port in VLAN 1.   

z 

After the number of security MAC addresses reaches 80, the port stops learning MAC addresses. If 

any frame with an unknown MAC address arrives, intrusion protection is triggered and the port will 

be disabled and stay silent for 30 seconds. 

Figure 1-1 Network diagram for port security configuration 

Internet

Switch

Host 

MAC: 0001-0002-0003

GE1/0/1

Internet

Switch

Host 

MAC: 0001-0002-0003

GE1/0/1

 

 

# Enter system view. 

<device> system-view 

# Enable port security. 

[device] port-security enable 

# Enter GigabitEthernet 1/0/1 port view. 

[device] interface GigabitEthernet 1/0/1 

# Set the maximum number of MAC addresses allowed on the port to 80. 

[device-GigabitEthernet1/0/1] port-security max-mac-count 80 

# Set the port security mode to autolearn. 

[device-GigabitEthernet1/0/1] port-security port-mode autolearn 

# Add the MAC address 0001-0002-0003 of Host as a security MAC address to the port in VLAN 1. 

[device-GigabitEthernet1/0/1] mac-address security 0001-0002-0003 vlan 1 

# Configure the port to be silent for 30 seconds after intrusion protection is triggered.  

[device-GigabitEthernet1/0/1] port-security intrusion-mode disableport-temporarily 

[device-GigabitEthernet1/0/1] quit 

[device] port-security timer disableport 30