HP 4100GL User Manual

Configuring and Monitoring Port Security
Port Security Command Options and Operation

N o t e

You can reduce the address limit below the number of currently authorized
addresses on a port. This enables you to subsequently remove a device from
the “Authorized” list without opening the possibility for an unwanted device
to automatically become authorized.

For example, suppose port A1 is configured as shown below and you want to
remove 0c0090-123456 from the Authorized Address list:

When removing 0c0090-123456, first
reduce the Address Limit by 1 to prevent
the port from automatically adding another
device that it detects on the network.

Figure 7-7. Example of Two Authorized Addresses on Port A1

The following command serves this purpose by removing 0c0090-123456 and
reducing the Address Limit to 1:

HPswitch(config)# port-security a1 address-limit 1
HPswitch(config)# no port-security a1 mac-address 0c0090-
123456

The above command sequence results in the following configuration for port
A1:

Figure 7-8. Example of Port A1 After Removing One MAC Address

7-14