Filter
Top Products
Configuring and Monitoring Port Security
Port Security Command Options and Operation
To remove a device (MAC address) from the “Authorized” list and when the
current number of devices equals the Address Limit value, you should first
reduce the Address Limit value by 1, then remove the unwanted device.
Note When you have configured the switch for learn-mode static operation, you can
reduce the address limit below the number of currently authorized addresses
on a port. This enables you to subsequently remove a device from the “Autho-
rized” list without opening the possibility for an unwanted device to automat-
ically become authorized. (If you use learn-mode configured instead, the
switch cannot automatically add detected devices not included in the mac-
address configuration. Refer to the Note on page
9-8.)
For example, suppose port A1 is configured as shown below and you want to
remove 0c0090-123456 from the Authorized Address list:
When removing 0c0090-123456, first
reduce the Address Limit by 1 to prevent
the port from automatically adding another
device that it detects on the network.
Figure 9-7. Example of Two Authorized Addresses on Port A1
The following command serves this purpose by removing 0c0090-123456 and
reducing the Address Limit to 1:
HPswitch(config)# port-security a1 address-limit 1
HPswitch(config)# no port-security a1 mac-address 0c0090-
123456
The above command sequence results in the following configuration for port
A1:
9-16