
| Configuring Port Security |
| |
Complete Configuration | # |
| domain default enable aabbcc.net |
| # |
| |
| # |
| |
| # |
| radius scheme radius1 |
| |
| primary authentication 192.168.1.3 |
| primary accounting 192.168.1.2 |
| secondary authentication 192.168.1.2 |
| secondary accounting 192.168.1.3 |
| key authentication name |
| key accounting money |
| |
| # |
| domain aabbcc.net |
| scheme |
| # |
| interface Ethernet1/0/1 |
| |
| |
Precautions | ■ Before enabling port security, be sure to disable 802.1x and MAC |
| authentication globally. |
| ■ On a port configured with port security, you cannot configure the maximum |
| number of MAC addresses that the port can learn, reflector port for port |
| mirroring, fabric port, or link aggregation. |
|
|
Configuring Port | In the |
Security | 802.1x and permits only packets from authenticated users. Besides, the port also |
| allows packets whose source MAC addresses have a specified organizationally |
Mode | unique identifier (OUI) value to pass the port. |
Network Diagram | Figure 14 Network diagram for configuring port security |
Eth1/0/1
Authentication servers
(192.168.1.3/24
192.168.1.2/24)
Internet
HostSwitch
Networking and The host connects to the switch through the port Ethernet 1/0/1, and the switch Configuration authenticates the host through the RADIUS server. If the authentication is Requirements successful, the host is authorized to access the Internet.