3Com 7750 Series Switch User Manual


3Com Switch 7750 Series
Command Reference Guide – Port Security & Port Binding
Chapter 1 Port Security Commands
1-5
Note:
If intrusion protection mode is set to disableport-temporarily on the port, the time set
by the port-security timer disableport command determines how long the system
temporarily disables the port when intrusion protection is triggered on the port.
Description
Use the port-security intrusion-mode command to set the action to be taken by the
device when intrusion protection is triggered on the port.
Use the undo port-security intrusion-mode command to cancel the action setting.
By default, no action is set.
Note:
By checking the source MAC addresses in inbound data frames or the username and
password in 802.1x authentication requests on a port, intrusion protection detects
illegal packets (packets with illegal MAC addresses) or events and takes a pre-set
action accordingly. The actions you can set include: disconnecting the port
temporarily/permanently and blocking packets with invalid MAC addresses.
The following cases can trigger intrusion protection on a port:
• A packet with an unknown source MAC address is received on the port while MAC
  address learning is disabled on the port.
• A packet with an unknown source MAC address is received on the port while the
  number of security MAC addresses on the port has reached the preset maximum
  number.
• The user fails the 802.1x or MAC address authentication.
After you execute the intrusion-mode blockmac command, blocked MAC addresses can
be viewed only with the display port-security command, and you cannot configure
them as static MAC addresses.
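The following Python sketch is an added example, not part of the 3Com guide or the
switch software. It models the three trigger cases and the three intrusion-mode
actions described above; the Port class, its field names, the defaults of 2 MAC
addresses and 20 seconds, and the sample MAC addresses are assumptions made for
illustration.

```python
from dataclasses import dataclass, field

@dataclass
class Port:
    """Simplified model of one port's intrusion protection (not switch code)."""
    mode: str = ""           # "", blockmac, disableport, disableport-temporarily
    learning: bool = True    # MAC address learning enabled on the port
    max_macs: int = 2        # preset maximum number of security MAC addresses
    disable_secs: int = 20   # stands in for the port-security timer disableport value
    secure: set = field(default_factory=set)
    blocked: set = field(default_factory=set)
    down_until: float = 0.0  # float("inf") models a permanent disable

    def trigger(self, mac, auth_failed):
        """Return which of the three trigger cases applies, or None."""
        if auth_failed:
            return "authentication failed"
        if mac in self.secure:
            return None
        if not self.learning:
            return "unknown MAC, learning disabled"
        if len(self.secure) >= self.max_macs:
            return "unknown MAC, maximum reached"
        return None

    def receive(self, mac, now, auth_failed=False):
        """Handle one inbound frame or authentication attempt at time `now` (s)."""
        if now < self.down_until:
            return ("dropped", "port disabled")
        if mac in self.blocked:
            return ("dropped", "MAC blocked")
        reason = self.trigger(mac, auth_failed)
        if reason is None:
            self.secure.add(mac)
            return ("forwarded", "")
        if self.mode == "blockmac":
            self.blocked.add(mac)
        elif self.mode == "disableport":
            self.down_until = float("inf")
        elif self.mode == "disableport-temporarily":
            self.down_until = now + self.disable_secs
        return (self.mode or "no action set", reason)  # model only reports if unset

# Constructed sample traffic: two hosts are learned, then a third MAC appears.
A, B, C = "00e0-fc00-0001", "00e0-fc00-0002", "00e0-fc00-0003"
EVENTS = [(0, A), (1, B), (2, C), (10, A), (25, A)]

def replay(port, events=EVENTS):  # returns one (verdict, reason) per event
    return [port.receive(mac, t) for t, mac in events]
```

Replaying EVENTS against Port(mode="disableport-temporarily") and Port(mode="blockmac") shows the operational difference: the first mode also cuts off the two legitimate hosts until the timer expires, while the second drops only the offending MAC address.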
Example
# Enter system view.
<3Com> system-view
System View: return to User View with Ctrl+Z.
# Enable port security.
[3Com] port-security enable
# Enter GigabitEthernet1/0/1 port view.