Port security configuration task list – H3C Technologies H3C WX6000 Series Access Controllers User Manual

Page 142

Advertising
background image

19-3

Security mode

Description

Features

userLoginSecure

In this mode, a port performs 802.1x authentication of users in
portbased

mode and services only one user passing 802.1x

authentication.

userLoginWithO
UI

Similar to the userLoginSecure mode, a port in this mode
performs 802.1x authentication of users and services only one
user passing 802.1x authentication.
A MAC address being a specified OUI (organizationally
unique identifier) are also allowed on the port.

macAddressWith
Radius

In this mode, a port performs MAC authentication of users.

macAddressOrU
serLoginSecure

This mode is the combination of the userLoginSecure and
macAddressWithRadius modes, with 802.1x authentication
having a higher priority.
the port performs MAC authentication upon receiving
non-8021.x frames and performs 802.1x authentication first
upon receiving 802.1x frames. If 802.1x authentication fails,
the port performs MAC authentication.

macAddressElse
UserLoginSecur
e

This mode is the combination of the macAddressWithRadius
and userLoginSecure modes, with MAC authentication having
a higher priority.

z

Upon receiving a non-802.1x frame, a port in this mode
performs only MAC authentication.

z

Upon receiving an 802.1x frame, the port performs MAC
authentication and then, if MAC authentication fails, 802.1x
authentication.

userLoginSecure
Ext

In this mode, a port performs 802.1x authentication of users in
macbased mode and supports multiple concurrent users.

macAddressOrU
serLoginSecure
Ext

This mode is similar to macAddressOrUserLoginSecure
mode. The difference is that this mode allows a port to support
multiple 802.1x and MAC authentication users.

macAddressElse
UserLoginSecur
eExt

This mode is similar to macAddressElseUserLoginSecure
mode. The difference is that this mode allows a port to support
multiple 802.1x and MAC authentication users.

In any of these modes,
the device will trigger
NTK and intrusion
protection upon detecting
an illegal frame.

z

Currently, port security supports two authentication methods: 802.1x and MAC authentication.
Different port security modes employ different authentication method or different combinations of
authentication methods.

z

The maximum number of authenticated users that a port can support is the smaller one between
the maximum number of secure MAC addresses and the maximum number of concurrent users
that the mode of the port supports.

Port Security Configuration Task List

Complete the following tasks to configure port security:

Advertising
Popular Brands
Popular manuals