201
Related commands
display port-security
port-security ntk-mode
Use port-security ntk-mode to configure the NTK feature.
Use undo port-security ntk-mode to restore the default.
Syntax
port-security ntk-mode { ntk-withbroadcasts | ntk-withmulticasts | ntkonly }
undo port-security ntk-mode
Default
NTK is disabled on a port and all frames are allowed to be sent.
Views
Layer 2 Ethernet interface view
Predefined user roles
network-admin
Parameters
ntk-withbroadcasts: Forwards only broadcast frames and unicast frames with authenticated destination
MAC addresses.
ntk-withmulticasts: Forwards only broadcast frames, multicast frames, and unicast frames with
authenticated destination MAC addresses.
ntkonly: Forwards only unicast frames with authenticated destination MAC addresses.
Usage guidelines
The NTK feature checks the destination MAC addresses in outbound frames to allow frames to be sent to
only devices passing authentication, preventing illegal devices from intercepting network traffic.
If a wireless port has online users, you cannot change its NTK settings.
Examples
# Set the NTK mode of port GigabitEthernet 2/1/1 to ntkonly, allowing the port to forward received
packets to only devices passing authentication.
<Sysname> system-view
[Sysname] interface gigabitethernet 2/1/1
[Sysname-GigabitEthernet2/1/1] port-security ntk-mode ntkonly
Related commands
display port-security
port-security oui
Use port-security oui to configure an OUI value for user authentication. This value is used when the port
security mode is userLoginWithOUI.
Use undo port-security oui to delete the OUI value with the specified OUI index.
To Next Page
Loading...
Need help?
General
