R3102-R3103-HP 6600/HSR6600 Routers Security Command Reference
192
Field Descri
p
tion
Disableport Timeout Silence timeout period of the port that receives illegal packets, in seconds.
OUI value List of OUI values allowed.
Port mode
Port security mode:
• noRestrictions.
• autoLearn.
• macAddressWithRadius.
• macAddressElseUserLoginSecure.
• macAddressElseUserLoginSecureExt.
• secure.
• userLogin.
• userLoginSecure.
• userLoginSecureExt.
• macAddressOrUserLoginSecure.
• macAddressOrUserLoginSecureExt.
• userLoginWithOUI.
NeedToKnow mode
Need to know (NTK) mode:
• NeedToKnowOnly—Allows only unicast packets with authenticated destination
MAC addresses.
• NeedToKnowWithBroadcast—Allows only unicast packets and broadcasts
with authenticated destination MAC addresses.
• NeedToKnowWithMulticast—Allows unicast packets, multicasts and
broadcasts with authenticated destination MAC addresses.
Intrusion mode
Intrusion protection action mode:
• BlockMacAddress—Adds the source MAC address of the illegal packet to the
blocked MAC address list.
• DisablePort—Shuts down the port that receives illegal packets permanently.
• DisablePortTemporarily—Shuts down the port that receives illegal packets for
some time.
• NoAction—Performs no intrusion protection.
Max MAC address
number
Maximum number of MAC addresses that port security allows on the port.
Stored MAC address
number
Number of MAC addresses stored.
Authorization
Whether the authorization information from the server is ignored or not:
• permitted—Authorization information from the RADIUS server takes effect.
• ignored—Authorization information from the RADIUS server does not take
effect.
Security MAC address
learning mode
Secure MAC address learning mode:
• sticky—Learn MAC addresses as sticky secure MAC addresses.
• dynamic—Learns MAC addresses as dynamic secure MAC addresses.
Security MAC address
aging type
Secure MAC address aging type:
• absolute—Timer aging.
• inactivity—Inactivity aging.