Справочное Руководство для 3com S7906E
1-7
2) Enabling port security resets the following configurations on a port to the defaults bracketed,
making them dependent completely on the port security mode:
z
802.1X (disabled), port access control method (macbased), and port access control mode (auto)
z
MAC authentication (disabled)
3) Disabling port security resets the following configurations on a port to the defaults bracketed:
z
Port security mode (noRestrictions)
z
802.1X (disabled), port access control method (macbased), and port access control mode (auto)
z
MAC authentication (disabled)
4) Port security cannot be disabled if there is any user present on a port.
Related commands: display port-security, dot1x, dot1x port-method, dot1x port-control in 802.1X
Commands of the Security Volume, mac-authentication in MAC Authentication Commands of the
Security Volume.
Examples
# Enable port security.
<Sysname> system-view
[Sysname] port-security enable
port-security intrusion-mode
Syntax
port-security intrusion-mode { blockmac | disableport | disableport-temporarily }
undo port-security intrusion-mode
View
Ethernet port view
Default Level
2: System level
Parameters
blockmac: Adds the source MAC addresses of illegal frames to the blocked MAC address list and
discards frames with blocked source MAC addresses. A blocked MAC address is restored to normal
after being blocked for three minutes, which is fixed and cannot be changed. You can use the display
port-security mac-address block command to view the blocked MAC address list.
disableport: Disables the port permanently upon detecting an illegal frame received on the port.
disableport-temporarily: Disables the port for a specified period of time whenever it receives an illegal
frame. Use the port-security timer disableport command to set the period.
Description
Use the port-security intrusion-mode command to configure the intrusion protection feature, so that
the interface performs configured security policies in response to received illegal packets.
Use the undo port-security intrusion-mode command to restore the default.
By default, intrusion protection is disabled.
You can use the undo shutdown to restore the connection of the port.