Advanced Management
KNote: The three security levels are mutually exclusive; a port can have either security level1, level2, or level 3, but never a combination of security levels.
To configure security level 2 or 3, you must specify the
When security level 2 (port lock) is enabled and an intruder attempts to direct traffic to the port, the port is immediately disabled. The port is then re- enabled only by clearing the security level by management.
When security level 3 (intruder lock) is enabled and an intruder attempts to direct traffic to the port, the switch locks out the intruder’s MAC address; it will not accept any traffic from that station. The intruder’s address is then re- enabled only by clearing the security level by management.
IImportant: If you set security level 2 or 3, you should also set the Intruder Trap. If you do not set this trap, you will not receive notification that the port has been dis- abled. See “Setting the Intruder Trap.”
By default, security levels 2 and 3 are both disabled.
Configuring Security Level 2 or Level 3
To set security level 2 (port lock) or level 3 (intruder lock) on a port:
1 From the Configuration Menu, type t to access the Secu- rity Management Menu.
2 Type p to access the Port Security Configuration Menu, as shown in Figure
3 Use the commands at the bottom of the menu to navigate to the port you want to want to configure.
4
5
6 Type 2 to select Port Security with Port Lock, or 3 to select Port Security with Intruder Lock.
7 Type 1 to have the system trust the first station that addresses this port, or type 2 to enter a specific port-
Page