R3303-HP HSR6800 Routers Security Command Reference
195
Related commands
display port-security
port-security port-mode
Use port-security port-mode to set the port security mode of a port.
Use undo port-security port-mode to restore the default.
Syntax
port-security port-mode { autolearn | mac-authentication | mac-else-userlogin-secure |
mac-else-userlogin-secure-ext | secure | userlogin | userlogin-secure | userlogin-secure-ext |
userlogin-secure-or-mac | userlogin-secure-or-mac-ext | userlogin-withoui }
undo port-security port-mode
Default
A port operates in noRestrictions mode, where port security does not take effect.
Views
Interface view
Default command level
2: System level
Parameters
Ke
y
word Securit
y
mode
Descri
p
tion
autolearn autoLearn
In this mode, a port can learn MAC addresses, and allows
frames sourced from learned or configured the MAC
addresses to pass. The automatically learned MAC
addresses are secure MAC addresses. You can also
configure secure MAC addresses by using the
port-security mac-address security command. A secure
MAC address never ages out by default. In addition, you
can configure MAC addresses manually by using the
mac-address dynamic and mac-address static commands
for a port in autoLearn mode.
When the number of secure MAC addresses reaches the
upper limit set by the port-security max-mac-count
command, the port changes to secure mode.
mac-authentication
macAddressWithRad
ius
In this mode, a port performs MAC authentication for users
and services multiple users.
mac-else-userlogin-secu
re
macAddressElseUserL
oginSecure
This mode is the combination of the
macAddressWithRadius and userLoginSecure modes, with
MAC authentication having a higher priority.
• A port in this mode performs MAC authentication 30
seconds after receiving a non-802.1X frame.
• Upon receiving an 802.1X frame, the port performs
MAC authentication and then, if MAC authentication
fails, 802.1X authentication.