3Com Switch 7750 Configuration Guide
204 CHAPTER 25: PORT SECURITY CONFIGURATION
■ Voice VLAN
Configuring Port
Security Features
Configuring the NTK feature
Configuring intrusion protection
n
The port-security timer disableport command is used in conjunction with the
port-security intrusion-mode disableport-temporarily command to set the
length of time during which the port remains disabled.
Configuring the Trap feature
Ignoring the
Authorization
Information from the
RADIUS Server
After an 802.1x user or MAC-authenticated user passes Remote Authentication
Dial-In User Service (RADIUS) authentication, the RADIUS server delivers the
authorization information to the device. You can configure a port to ignore the
authorization information from the RADIUS server.
Table 134 Configure the NTK feature
Operation Command Remarks
Enter system view system-view -
Enter Ethernet port view interface interface-type
interface-number
-
Configure the NTK feature port-security
ntk-mode { ntkonly |
ntk-withbroadcasts |
ntk-withmulticasts }
Required
Be default, NTK is disabled on
a port, namely all frames are
allowed to be sent.
Table 135 Configure the intrusion protection feature
Operation Command Remarks
Enter system view system-view -
Enter Ethernet port view interface interface-type
interface-number
-
Set the corresponding action
to be taken by the switch
when intrusion protection is
triggered
port-security
intrusion-mode { disablepo
rt | disableport-temporarily
| blockmac }
Required
By default, intrusion
protection is not configured.
Return to system view quit -
Set the timer during which
the port remains disabled
port-security timer
disableport timer
Optional
20 seconds by default
Table 136 Configure port security trapping
Operation Command Remarks
Enter system view system-view -
Enable sending traps for
the specified type of
event
port-security trap { addresslearned |
intrusion | dot1xlogon | dot1xlogoff |
dot1xlogfailure | ralmlogon | ralmlogoff
| ralmlogfailure }
Required
By default, no trap is
sent.