Port Security Configuration Examples; Configuring The Autolearn Mode - HP 10500 Series Configuration Manual

Task
Display information about secure
MAC addresses.
Display information about blocked
MAC addresses.

Port security configuration examples

This section provides examples of configuring port security.

Configuring the autoLearn mode

Network requirements
See Figure 73. Configure port GigabitEthernet 1/0/1 on the device, as follows:
Accept up to 64 users on the port without authentication.
•
• Permit the port to learn and add MAC addresses as sticky MAC addresses, and set the secure MAC
aging timer to 30 minutes.
After the number of secure MAC addresses reaches 64, the port stops learning MAC addresses. If
•
any frame with an unknown MAC address arrives, intrusion protection starts, and the port shuts
down and stays silent for 30 seconds.
Figure 73 Network diagram
Configuration procedure
# Enable port security.
<Device> system-view
[Device] port-security enable
# Set the secure MAC aging timer to 30 minutes.
[Device] port-security timer autolearn aging 30
# Enable intrusion protection traps on port GigabitEthernet 1/0/1.
[Device] port-security trap intrusion
[Device] interface gigabitethernet 1/0/1
# Set port security's limit on the number of MAC addresses to 64 on the port.
[Device-GigabitEthernet1/0/1] port-security max-mac-count 64
# Set the port security mode to autoLearn.
Command
display port-security mac-address security
[ interface interface-type interface-number ] [ vlan
vlan-id ] [ count ] [ | { begin | exclude | include }
regular-expression ]
display port-security mac-address block [ interface
interface-type interface-number ] [ vlan vlan-id ]
[ count ] [ | { begin | exclude | include }
regular-expression ]
176
Remarks
Available in any
view.
Available in any
view.