3com 4200G ユーザーズマニュアル
48
C
HAPTER
9: P
ORT
S
ECURITY
C
ONFIGURATION
G
UIDE
# Enter Ethernet 1/0/1 port view.
[3Com] interface Ethernet1/0/1
# Set the maximum number of MAC addresses allowed on the port to 80.
[3Com-Ethernet1/0/1] port-security max-mac-count 80
# Set the port security mode to autolearn.
[3Com-Ethernet1/0/1] port-security port-mode autolearn
# Add the MAC address 0001-0002-0003 as a secure MAC address to VLAN 1.
[3Com-Ethernet1/0/1] mac-address security 0001-0002-0003 vlan 1
# Configure the port to be silent for 30 seconds after intrusion protection is
triggered.
triggered.
[3Com-Ethernet1/0/1] port-security intrusion-mode disableport-temporarily
[3Com-Ethernet1/0/1] quit
[3Com] port-security timer disableport 30
Complete Configuration
#
port-security enable
port-security timer disableport 30
#
interface Ethernet1/0/1
port-security max-mac-count 80
port-security port-mode autolearn
port-security intrusion-mode disableport-temporarily
mac-address security 0001-0002-0003 vlan 1
#
Precautions
■
Before enabling port security, be sure to disable 802.1x and MAC
authentication globally.
authentication globally.
■
On a port configured with port security, you cannot configure the maximum
number of MAC addresses that the port can learn, reflector port for port
mirroring, fabric port or link aggregation.
number of MAC addresses that the port can learn, reflector port for port
mirroring, fabric port or link aggregation.
Configuring Port
Security
mac-authentication
Mode
Security
mac-authentication
Mode
In mac-authentication mode, a port performs MAC authentication of users.