R2511-HP MSR Router Series Security Command Reference(V5)
157
Intrusion Portection mode is disableport-temporarily
Max MAC address number is 50
Stored MAC address number is 0
Authorization is ignored
Security MAC address learning mode is sticky
Security MAC address aging type is absolute
GigabitEthernet1/2 is link-down
GigabitEthernet1/3 is link-down
Table 12 Command output
Field Descri
p
tion
Equipment port-security Whether the port security is enabled or not.
Trap
Whether trapping for MAC address learning is enabled or not. If it is enabled,
the port sends trap information after it learns a new MAC address.
AutoLearn aging time
Secure MAC aging timer. The timer applies to sticky or dynamic secure MAC
addresses.
Disableport Timeout Silence timeout period of the port that receives illegal packets, in seconds.
OUI value List of OUI values allowed.
Port mode
Port security mode, which can be one of the following modes:
• noRestrictions.
• autoLearn.
• macAddressWithRadius.
• macAddressElseUserLoginSecure.
• macAddressElseUserLoginSecureExt.
• secure.
• userLogin.
• userLoginSecure.
• userLoginSecureExt.
• macAddressOrUserLoginSecure.
• macAddressOrUserLoginSecureExt.
• userLoginWithOUI.
• presharedKey.
• macAddressAndPresharedKey.
• userLoginSecureExtOrPresharedKey.
For more information about port security modes, see Security Configuration
Guide.
NeedToKnow mode
Need to know (NTK) mode, which can be one of the following modes:
• NeedToKnowOnly—Allows only unicast packets with authenticated
destination MAC addresses.
• NeedToKnowWithBroadcast—Allows only unicast packets and broadcasts
with authenticated destination MAC addresses.
• NeedToKnowWithMulticast—Allows unicast packets, multicasts and
broadcasts with authenticated destination MAC addresses.