9-12
Configuring and Monitoring Port Security
Port Security Command Options and Operation
The following command example shows the option for entering a range of
ports, including a series of non-contiguous ports. Note that no spaces are
allowed in the port number portion of the command string:
ProCurve(config)# show port-security A1-A3,A6,A8
Configuring Port Security
Using the CLI, you can:
■ Configure port security and edit security settings.
■ Add or delete devices from the list of authorized addresses for one or
more ports.
■ Clear the Intrusion flag on specific ports
Syntax: port-security [e] < port-list >
[learn-mode < continuous | static | configured | port-access >]
[address-limit < integer >]
[mac-address < mac-addr >] [< mac-addr > . . . < mac-addr >]
[action < none | send-alarm | send-disable >]
[clear-intrusion-flag]
(For the configured option, above, refer to the Note on page 9-8.
no port-security < port-list > mac-address < mac-addr > [< mac-addr > . . .
< mac-addr >]
Specifying Authorized Devices and Intrusion Responses
Learn-Mode Static. This example configures port A1 to automatically
accept the first device (MAC address) it detects as the only authorized device
for that port. (The default device limit is 1.) It also configures the port to send
an alarm to a network management station and disable itself if an intruder is
detected on the port.
ProCurve(config)# port-security a1 learn-mode static
action send-disable
The next example does the same as the preceding example, except that it
specifies a MAC address of 0c0090-123456 as the authorized device instead of
allowing the port to automatically assign the first device it detects as an
authorized device.