Manualsbrain.com
  1. Manuales
  2. Marcas
  3. 3com
  4. S7906E
  5. Instruccion De Instalación

3com S7906E Instruccion De Instalación

Descargar
Página de 2621
 
1-13 
 port-security max-mac-count 64 
 port-security port-mode autolearn 
 port-security mac-address security 0002-0000-0015 vlan 1 
 port-security mac-address security 0002-0000-0014 vlan 1 
 port-security mac-address security 0002-0000-0013 vlan 1 
 port-security mac-address security 0002-0000-0012 vlan 1 
 port-security mac-address security 0002-0000-0011 vlan 1 
Issuing the display port-security interface command after the number of MAC addresses learned by 
the port reaches 64, you will see that the port security mode has changed to secure. When any frame 
with a new MAC address arrives, intrusion protection is triggered and you will see trap messages as 
follows: 
#May  2 03:15:55:871 2000 Switch PORTSEC/1/VIOLATION:Traph3cSecureViolation 
 An intrusion occurs! 
 IfIndex: 9437207 
 Port: 9437207 
 MAC Addr: 00:0F:1F:86:32:32 
 VLAN ID: 1 
 IfAdminStatus: 1 
In addition, you will see that the port security feature has disabled the port if you issue the following 
command: 
[Switch-GigabitEthernet2/0/1] display interface gigabitethernet 2/0/1 
 GigabitEthernet2/0/1 current state:  Port Security Disabled 
 IP Packet Frame Type: PKTFMT_ETHNT_2, Hardware Address: 000f-cb00-5558 
 Description: GigabitEthernet2/0/1 Interface 
 ...... 
The port should be re-enabled 30 seconds later.  
[Switch-GigabitEthernet2/0/1] display interface gigabitethernet 2/0/1 
 GigabitEthernet2/0/1 current state: UP 
 IP Packet Frame Type: PKTFMT_ETHNT_2, Hardware Address: 000f-cb00-5558 
 Description: GigabitEthernet2/0/1 Interface 
 ...... 
Now, if you manually delete several secure MAC addresses, the port security mode of the port will be 
restored to autoLearn, and the port will be able to learn MAC addresses again. 
 
Configuring the userLoginWithOUI Mode 
Network requirements 
The client is connected to the switch through port GigabitEthernet 2/0/1. The switch authenticates the 
client by the RADIUS server. If the authentication succeeds, the client is authorized to access the 
Internet. 
RADIUS server 192.168.1.2 functions as the primary authentication server and the secondary 
accounting server, and RADIUS server 192.168.1.3 functions as the secondary authentication 
server and the primary accounting server. The shared key for authentication is name, and that for 
accounting is money.