3Com Switch 4200G Configuration Guide
Port Security Configuration Example 91
Port Security
Configuration
Example
Network requirements
■ Enable port security on port GigabitEthernet1/0/1 of switch A, and set the
maximum number of the MAC addresses accommodated by the port to 80.
■ The NTK packet transmission mode of on the port is ntk-withbroadcasts, and
the intrusion Protection mode is disableport.
■ Connect PC1 to GigabitEthernet1/0/1 through switch B.
■ Bind the MAC and IP addresses of PC1 to GigabitEthernet1/0/1.
Network diagram
Figure 28 Network diagram for port security configuration
Configuration procedure
Configure switch A as follows:
1 Enter system view.
<S4200G> system-view
2 Enable port security.
[4200G] port-security enable
3 Enter port view for GigabitEthernet1/0/1.
[4200G] interface GigabitEthernet1/0/1
4 Set the port mode to MAC authentication.
[4200G-GigabitEthernet1/0/1] port-security port-mode mac-authentication
5 Set the maximum number of MAC addresses accommodate by the port to 80.
[4200G-GigabitEthernet1/0/1] port-security max-mac-count 80
6 Set the NTK packet transmission mode to ntk-withbroadcasts.
[4200G-GigabitEthernet1/0/1] port-security ntk-mode ntk-withbroadcasts
7 Set the Intrusion Protection mode to disableport.
[4200G-GigabitEthernet1/0/1] port-security intrusion-mode disableport
8 Return to system view.
[4200G-GigabitEthernet1/0/1] quit
Display the information about port
binding
display am user-bind [ interface interface-type
interface-number | mac-addr | ip-addr ]
Table 68 Display port security (Continued)
Operation Command
Switch A Switch B
GE1/0/1
PC1
PC2
IP Address: 10.153.1.1
MAC Address: 00e0 -fc00
-
3900
PC1
PC2
Switch A Switch B
PC1
PC2
IP Address: 10.153.1.1
MAC Address: 00e0 -fc00
-
3900
Switch A Switch B
PC1
PC2
IP Address: 10.153.1.1
MAC Address: 00e0 -fc00
-
3900
PC1
PC2