User's Manual

ManualsBrandsHP ManualsSwitchHP 1920-8G-PoE+ (65W) Switch

431

432

433

434

435

436

437

438

439

440

422

• Basic mode—In this mode, a port can learn the specified number of MAC addresses and save those

addresses as secure MAC addresses. It permits only frames whose source MAC addresses are

secure MAC addresses or configured static MAC addresses. When the number of secure MAC

addresses reaches the upper limit, no more secure MAC addresses can be added.

• Advanced mode—Port security supports 802.1X and MAC authentication. Different port security

modes represent different combinations of the two methods.

Table 127 desc

ribes the advanced security modes.

Table 127 Advanced security modes

Advanced mode Descri

tion

MAC-Auth A port performs MAC authentication for users. It services multiple users.

802.1X Port Based

A port performs 802.1X authentication and implements port-based access

control.

In this mode, a port can service multiple 802.1X users. If one 802.1X user

passes authentication, all the other 802.1X users of the port can access the

network without authentication.

In this mode, neither outbound restriction nor intrusion protection will be

triggered.

802.1X Single Host

A port performs 802.1X authentication and implements MAC-based access

control. It services only one user passing 802.1X authentication.

802.1X MAC Based

A port performs 802.1X authentication of users and implements MAC-based

access control. The port in this mode supports multiple online 802.1X users.

802.1X MAC Based Or

OUI

Similar to the 802.1X Single Host mode, a port in this mode performs

802.1X authentication of users and allows only one 802.1X user to access

at a time.

• The port also permits frames from a wired terminal whose MAC address

contains a specific OUI.

• For frames from a wireless user, the port performs OUI check at first. If the

OUI check fails, the port performs 802.1X authentication.

MAC-Auth Or 802.1X

Single Host

This mode is the combination of the 802.1X Single Host and MAC-Auth

modes, with 802.1X authentication having higher priority.

• For wired users, the port performs MAC authentication upon receiving

non-802.1X frames and performs 802.1X authentication upon receiving

802.1X frames.

• For wireless users, 802.1X authentication is performed first. If 802.1X

authentication fails, MAC authentication is performed.

MAC-Auth Or 802.1X

MAC Based

Similar to the MAC-Auth Or 802.1X Single Host mode, except that it

supports multiple 802.1X and MAC authentication users on the port.

MAC-Auth Else 802.1X

Single Host

This mode is the combination of the MAC-Auth and 802.1X Single Host

modes, with MAC authentication having higher priority.

• A port in this mode performs only MAC authentication for non-802.1X

frames.

• For 802.1X frames, the port performs MAC authentication and then, if

MAC authentication fails, 802.1X authentication.

MAC-Auth Else 802.1X

MAC Based

Similar to the MAC-Auth Else 802.1X Single Host mode, except that it

supports multiple 802.1X and MAC authentication users on the port.