Configuring and Monitoring Port Security
Port Security Command Options and Operation
Syntax: port-security [e] < port-list> (- Continued -)
learn-mode < continuous static configured port-access >
(- Continued -)Configured: The static-configured option operates the same as the static-learn option on the preceding page, except that it does not allow the switch to accept non-specified addresses to reach the address limit. Thus, if you configure an address limit of 3, but only configure two MAC addresses, the switch will handle as intruders all non- specified MAC addresses it detects.
Note: As of September, 2003, this option is available in the ProCurve Switch 2600 Series and the Switch 6108 running software release H.07.30 (or greater), and the ProCurve Switch 2800 Series. For availability in other switch products, refer to the latest release notes for such products on the ProCurve Networking website. (Refer to “Getting Documentation From the Web” on page 1-9.)
Port-Access:Enables you to use Port Security with (802.1X)
Port-Based Access Control. Refer to “Configuring Port-
Based Access Control (802.1X)” on page 8-1.
address-limit < integer >
When Learn Mode is set to static (static-learn)or configured (static-configured), this parameter specifies the number of authorized devices (MAC addresses) to allow. Default: 1; Range: 1 to 8.
mac-address < mac-addr >
Available for static (static-learn and configured-learn) modes. Allows up to eight authorized devices (MAC addresses) per port, depending on the value specified in the address-limitparameter.
•If you use mac-address with learn-mode configured, but enter fewer devices than you specified in the address- limit field, the port accepts only the devices you specified with mac-address.(See the Note, above.)
•If you use mac-address with learn-mode static, but enter fewer devices than you specified in the address-limit field, the port accepts the specified devices AND as many other devices as it takes to reach the device limit.
