No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.


S2700, S3700, S5700, S6700, S7700, and S9700 Series Switches Typical Configuration Examples

This document provides examples for configuring features in typical usage scenarios.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Typical User Access and Authentication Configuration

Typical User Access and Authentication Configuration

If NAC authentication is enabled on an interface, the following commands cannot be used on the same interface. If the following commands are configured on an interface, NAC authentication cannot be used on the same interface.




Sets the maximum number of MAC addresses that can be learned by an interface.

mac-address learning disable

Disables MAC address learning on an interface.

port link-type dot1q-tunnel

Sets the link type of an interface to QinQ.

port vlan-mapping vlan map-vlan

port vlan-mapping vlan inner-vlan

Configures VLAN mapping on an interface.

port vlan-stacking

Configures selective QinQ.

port-security enable


The restriction applies only to devices of versions earlier than V200R012C00. For devices running V200R012C00 or a later version, you can run this command on an interface even if NAC authentication is enabled on the interface, or enable NAC authentication on an interface even if this command is run.

Enables interface security.

mac-vlan enable

Enables MAC address-based VLAN assignment on an interface.

ip-subnet-vlan enable

Enables IP subnet-based VLAN assignment on an interface.

user-bind ip sticky-mac

This command conflicts with only 802.1X authentication and MAC address authentication.

Enables the device to generate snooping MAC entries.
Updated: 2019-04-20

Document ID: EDOC1000069520

Views: 688744

Downloads: 30100

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Previous Next