No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

S12700 V200R013C00 Command Reference

This document describes all the configuration commands of the device, including the command function, syntax, parameters, views, default level, usage guidelines, examples, and related commands.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
port-security enable (AP wired port profile view)

port-security enable (AP wired port profile view)

Function

The port-security enable command enables the port security function on an interface.

The undo port-security enable command disables the port security function on an interface.

By default, port security is disabled on an interface.

Format

port-security enable

undo port-security enable

Parameters

None

Views

AP wired port profile view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

After port security is enabled on an interface, MAC address entries learned by the interface are stored in the MAC address table as secure dynamic MAC address entries. By default, secure dynamic MAC addresses will not be aged out. After the device restarts, secure dynamic MAC address entries are lost and need to be relearned.

Port security has the following functions:

  • Prevent unauthorized users from using their computers to connect to an enterprise network.
  • Prevent employees of a company from moving their computers without permission.

Precautions

The protection action, maximum number of learned secure MAC address entries, and sticky MAC function can be configured only after port security is enabled.

The port-security enable and mac-limit maximum cannot be used on the same interface.

If port security is enabled after MAC address learning is disabled using the mac-address learning disable command, the port security function does not take effect. If port security is enabled before MAC address learning is disabled on an interface, the device no longer learns MAC addresses on the interface, but secure MAC addresses that have been learned are reserved.

Example

# Enable port security.

<HUAWEI> system-view
[HUAWEI] wlan
[HUAWEI-wlan-view] wired-port-profile name wire1
[HUAWEI-wlan-wired-port-wire1] mode endpoint
Warning: If the AP goes online through a wired port, the incorrect port mode con
figuration will cause the AP to go out of management. This fault can be recovere
d only by modifying the configuration on the AP. Continue? [Y/N]:y              
Warning: This action will take effect after resetting AP. 
[HUAWEI-wlan-wired-port-wire1] port-security enable
Translation
Download
Updated: 2019-04-09

Document ID: EDOC1100065659

Views: 123627

Downloads: 88

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next