Learn-mode configured, Adding a mac address to an existing port list – HP 2800 User Manual

Page 243

Advertising
background image

Configuring and Monitoring Port Security

Port Security Command Options and Operation

HPswitch(config)# port-security a1 learn-mode static

mac-address 0c0090-123456 action send-disable

This example configures port A5 to:

Allow two MAC addresses, 00c100-7fec00 and 0060b0-889e00, as the
authorized devices.

Send an alarm to a management station if an intruder is detected on
the port.

HPswitch(config)# port-security a5 learn-mode static

address-limit 2 mac-address 00c100-7fec00 0060b0-889e00

action send-alarm

If you manually configure authorized devices (MAC addresses) and/or an
alarm action on a port, those settings remain unless you either manually
change them or reset the switch to its factory-default configuration. You can
“turn off” device authorization on a port by configuring the port to

continuous

Learn Mode, but subsequently reconfiguring the port to

static Learn Mode

restores the configured device authorization.

Learn-Mode Configured.

This option allows only MAC addresses specifi­

cally configured with

learn-mode configured mac-address < mac-address >, and

does not automatically learn non-specified MAC addresses learned from the
network. This example configures port A1 to:

Allow only a MAC address of 0c0090-123456 as the authorized device

Reserve the option for adding two more specified MAC addresses at
a later time without having to change the address-limit setting.

Send an alarm to a management station if an intruder is detected on
the port.

HPswitch(config)# port-security A1 learn-mode configured

mac-address 0c0090-123456 address-limit 3 action send-

disable

Adding a MAC Address to an Existing Port List

To simply add a device (MAC address) to a port’s existing Authorized
Addresses list, enter the port number with the

mac-address parameter and the

device’s MAC address. This assumes that Learn Mode is either

static or

configured and the Authorized Addresses list is not already full (as deter­
mined by the current

address-lmit value). For example, suppose port A1 allows

two authorized devices, but has only one device in its Authorized Address list:

9-13

Advertising
This manual is related to the following products:

6108

Popular Brands
Popular manuals