206
Step Command Remarks
1. Enter system view.
system-view N/A
2. Set the secure MAC aging
timer.
port-security timer autolearn aging
time-value
Optional.
By default, secure MAC addresses
do note age out, and you can
remove them only by performing the
undo port-security mac-address
security command, changing the
port security mode, or disabling the
port security feature.
3. Configure a secure MAC
address.
• In system view:
port-security mac-address
security [ sticky] mac-address
interface interface-type
interface-number vlan vlan-id
• In interface view:
a. interface interface-type
interface-number
b. port-security mac-address
security [ sticky]
mac-address vlan vlan-id
c. quit
Use either method.
No secure MAC address exists by
default.
4. Enter Layer 2 Ethernet
interface view.
interface interface-type
interface-number
N/A
5. Enable inactivity aging.
port-security mac-address
aging-type inactivity
Optional.
By default, the inactivity aging
function is disabled.
6. Enable the dynamic secure
MAC function.
port-security mac-address dynamic
Optional.
By default, sticky MAC addresses
can be saved to the configuration
file, and once saved, can survive a
device reboot.
NOTE:
You can display dynamic secure MAC addresses only by using the display port-security mac-address
security command.
Ignoring authorization information
The authorization information is delivered by the RADIUS server or the local device to an 802.1X user or
MAC authenticated user who passes RADIUS or local authentication. You can configure a port to ignore
the authorization information.
To configure a port to ignore the authorization information:
Step Command Remarks
1. Enter system view. system-view N/A
To Next Page
Loading...
Need help?
General