Manualshelf

Access Security Guide K/KA/KB.15.15

ManualsBrandsHP ManualsNetwork HardwareHP 5406R-8XGT/8SFP+ (No PSU) v2 zl2 Switch
11121314151617181920
The sequence of entries in an ACL is significant..........................................................330
Allowing for the Implied Deny function......................................................................331
A configured ACL has no effect until you apply it to an interface...................................331
You can assign an ACL name or number to an interface even if the ACL does not exist in
the switch configuration...........................................................................................331
Enabling ACL "Deny" logging......................................................................................332
Requirements for using ACL logging..............................................................................332
ACL logging operation.................................................................................................332
IPv6 Counter Operation with Multiple Interface Assignments........................................334
IPv4 Counter Operation with Multiple Interface Assignments........................................335
About 802.1X........................................................................................................337
11 Port Security.........................................................................................357
Configuring.........................................................................................................................357
Planning port security.......................................................................................................357
Configuring port security...................................................................................................357
Eavesdrop Prevention is Disabled.......................................................................................360
MIB Support...............................................................................................................360
Blocked unautrhorized traffic.............................................................................................361
Trunk Group Exclusion.................................................................................................361
Configuring Trusted Ports for Dynamic ARP Protection............................................................361
Configuring Additional Validation Checks on ARP Packets.....................................................362
Verifying the configuration of dynamic ARP protection...........................................................362
Configuring DHCP snooping trusted ports...........................................................................362
Configuring authorized server addresses.............................................................................363
Configuring MAC Lockdown..............................................................................................363
Configuring MAC Lockout.................................................................................................364
Configuring instrumentation monitor...................................................................................364
Viewing...............................................................................................................................366
Displaying port security settings.........................................................................................366
Displaying ARP Packet Statistics.........................................................................................367
Monitoring Dynamic ARP Protection...................................................................................367
Listing authorized and detected MAC addresses...................................................................367
Viewing the current instrumentation monitor configuration......................................................368
Using Port Security................................................................................................................369
Enabling port security eavesdrop-prevention........................................................................369
MIB support...............................................................................................................369
Enabling DHCP snooping.................................................................................................369
Enabling DHCP snooping on VLANs.............................................................................371
Using DHCP snooping with option 82............................................................................371
Changing the remote-id from a MAC to an IP address......................................................372
Disabling the MAC address check.................................................................................372
DHCP binding database..............................................................................................373
DHCPv4 Snooping Max Binding...................................................................................374
Enabling debug logging..............................................................................................375
Enabling Dynamic ARP protection......................................................................................375
Enabling Dynamic IP Lockdown.........................................................................................376
Removing MAC Addresses................................................................................................376
Assigned/authorized addresses....................................................................................376
Removing a MAC Address from the Authorized list for a port.................................................376
Clear MAC address table.................................................................................................378
Configuring Clearing of Learned MAC Addresses............................................................378
Deploying MAC Lockdown................................................................................................379
Adding an IP-to-MAC Binding to the DHCP Database...........................................................379
Adding a static binding...............................................................................................379
14 Contents