3com 5500-ei pwr Installation Instruction

 

1-8 

Set the timer during which the 
port remains disabled 

port-security timer disableport 
timer 

Optional 

20 seconds by default 

 

The  port-security timer disableport command is used in conjunction with the port-security 

intrusion-mode  disableport-temporarily command to set the length of time during which the port 

remains disabled. 

 

If you configure the NTK feature and execute the port-security intrusion-mode blockmac command 

on the same port, the switch will be unable to disable the packets whose destination MAC address is 

illegal from being sent out that port; that is, the NTK feature configured will not take effect on the packets 

whose destination MAC address is illegal. 

 

Follow these steps to configure port security trapping: 

Enter system view 

— 

Enable sending traps for the 
specified type of event 

port-security trap { addresslearned | 
dot1xlogfailure | dot1xlogoff | dot1xlogon | 
intrusion | ralmlogfailure | ralmlogoff | 
ralmlogon } 

Required 

By default, no 
trap is sent. 

 

Users fails the authentication can access certain specified VLAN. This VLAN is called guest VLAN. For 

details about guest VLAN, refer to the sections covering 802.1x and System-Guard. 

A port in macAddressOrUserLoginSecure mode supports guest VLAN configurations. The port can 

connect multiple users; but services only one user at a time.  

1)  When the first user of the port initiates 802.1x or MAC address authentication: 

z 

If the user fails the authentication, the port is added to the guest VLAN, and all the other users of 

the port are authorized to access the guest VLAN.  

z 

If the user passes the authentication, authentication requests from other users are not handled 

because only one user is allowed to pass authentication using the port. The other users will fail the 

authentication, but the port will not be added to the guest VLAN. 

2)  After the port is added to the guest VLAN: