Configuring port security
Port security features
Port security modes
Support for guest VLAN and Auth-Fail VLAN
Port security configuration task list
Enabling port security
Configuration prerequisites
Configuration procedure
Setting port security’s limit on the number of MAC addresses on a port
Setting the port security mode
Configuration prerequisites
Configuration procedure
Configuring port security features
Configuring NTK
Configuring intrusion protection
Enabling port security traps
Configuring secure MAC addresses
Configuration prerequisites
Configuration procedure
Ignoring authorization information from the server
Displaying and maintaining port security
Port security configuration examples
Configuring the autoLearn mode
Configuring the userLoginWithOUI mode
Configuring the macAddressElseUserLoginSecure mode
Troubleshooting port security
Cannot set the port security mode
Cannot configure secure MAC addresses
Cannot change port security mode when a user is online
Configuring password control
Password control configuration task list
Enabling password control
Setting global password control parameters
Setting user group password control parameters
Setting local user password control parameters
Setting super password control parameters
Setting a local user password in interactive mode
Displaying and maintaining password control
Password control configuration example
Configuring public keys
Public key configuration task list
Configuring a local asymmetric key pair on the local device
Creating a local asymmetric key pair
Displaying or exporting the local host public key
Destroying a local asymmetric key pair
Specifying the peer public key on the local device
Displaying and maintaining public keys
Public key configuration examples
Manually specifying the peer public key on the local device
Importing a public key from a public key file
Configuring PKI
PKI terms
PKI architecture
PKI applications