H3C Technologies H3C WX3000 Series Unified Switches User Manual
Page 145
18-4
To do…
Use the command…
Remarks
Enter system view
system-view
—
Enable port security
port-security enable
Required
Disabled by default
Enabling port security resets the following configurations on the ports to the defaults (shown in
parentheses below):
z
802.1x (disabled), port access control method (macbased), and port access control mode (auto)
z
MAC authentication (disabled)
In addition, you cannot perform the above-mentioned configurations manually because these
configurations change with the port security mode automatically.
z
For details about 802.1x configuration, refer to 802.1x and System-Guard in H3C WX3000 Series
Unified Switches Switching Engine Configuration Guide
.
z
For details about MAC authentication configuration, refer to MAC Address Authentication in H3C
WX3000 Series Unified Switches Switching Engine Configuration Guide
.
Setting the Maximum Number of MAC Addresses Allowed on a Port
Port security allows more than one user to be authenticated on a port. The number of authenticated
users allowed, however, cannot exceed the configured upper limit.
By setting the maximum number of MAC addresses allowed on a port, you can
z
Control the maximum number of users who are allowed to access the network through the port
z
Control the number of Security MAC addresses that can be added with port security
This configuration is different from that of the maximum number of MAC addresses that can be leaned
by a port in MAC address management.
Follow these steps to set the maximum number of MAC addresses allowed on a port:
To do…
Use the command…
Remarks
Enter system view
system-view
—
Enter Ethernet port view
interface
interface-type
interface-number
—
Set the maximum number of MAC
addresses allowed on the port
port-security max-mac-count
count-value
Required
Not limited by default