7-19
Using Passwords, Port Security, and Authorized IP Managers To Protect Against Unauthorized Access
Configuring and Monitoring Port Security
Using Passwords, Port
Security, and Authorized IP
With the above configuration for port 1, the following command adds the
0c0090-456456 MAC address as the second authorized address.
HP2512(config)# port-security 1 mac-address 0c0090-456456
After executing the above command, the security configuration for port 1
would be:
(The message
Inconsistent value appears if the new MAC address
exceeds the current Address Limit or specifies a device that is already on the
list. Note that if you change a port from static to continuous learn mode, the
port retains in memory any authorized addresses it had while in static mode.
If you subsequently attempt to convert the port back to static mode with the
same authorized address(es), the Inconsistent value message appears
because the port already has the address(es) in its “Authorized” list.)
If you are adding a device (MAC address) to a port on which the Authorized
Addresses list is already full (as controlled by the port’s current Address Limit
setting), then you must increase the Address Limit in order to add the device,
even if you want to replace one device with another. Using the CLI, you can
simultaneously increase the limit and add the MAC address with a single
command. For example, suppose port 1 allows one authorized device and
already has a device listed:
The Address Limit has not
been reached.
Although the
Address Limit is set
to 2, only one device
has been authorized
for this port. In this
case you can add
another without
having to also
increase the Address
Limit.
The Address Limit has been
reached.
