- Community Home
- >
- Networking
- >
- Legacy
- >
- Switches, Hubs, Modems
- >
- port-security learn-mode limited-continuous
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-03-2009 05:42 PM
тАО06-03-2009 05:42 PM
thanks!! and best regards
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-04-2009 01:30 AM
тАО06-04-2009 01:30 AM
Solutionthis feature with prevent unauthorized user connect to netwrok
with mac filtering
for example
port-security 1-10 address-limit 20 learn-mode static action send-disable
***port security:preamble
***1-10 :secure port list
***adress limit: 20 (each port learn and switch to network 1 to 32 mac address.if you want one address on the one port this value must be 1
***learn mode:learning mode, when enable this command on switch switch is dynamically learn mac address pc or other network device
***static:switch is write pc mac address on port with learn mode,
static command stable the mac address on port if you write continuous comamand switch erase all mac on port with reload
***action :send disable or send alarm
send disable :when connect authorized mac on switch this port disable
send alarm :when connect authorized mac on switch this port send alarm log,pcm server
and deny snmp,icmp traffic
if you want for more info please read guide
port security chapter
http://cdn.procurve.com/training/Manuals/2610-Security-Oct2008-59918642.pdf
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-04-2009 06:12 AM
тАО06-04-2009 06:12 AM
Re: port-security learn-mode limited-continuous
could you help me with this please?
Best Regards!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-04-2009 06:47 AM
тАО06-04-2009 06:47 AM
Re: port-security learn-mode limited-continuous
[learn-mode
[address-limit <1-32>]
[mac-address MAC-ADDR [MAC-ADDR ...]]
[action
[clear-intrusion-flag]
Description: Set the port-security operation(s) for each port in port list.
Parameters:
o learn-mode
If 'continuous' is specified, the port continually learns new
addresses on the port. If 'static' is specified, the user
can configure addresses that are authorized to use on that port
and let the switch learn the remaining addresses up to the
specified address-limit. If 'configured' is specified, up
to address-limit configured addresses are authorized. Use the
'address-limit' parameter to specify the maximum number of
static addresses for the port.
The 'port-access' instructs the device to learn only the MAC
addresses authorized by 802.1X or Web/MAC authentication
subsystem. After a MAC address is authorized, only traffic
from the authorized MAC address is allowed.
If 'limited-continuous' is specified, the first
'address-limit' source MAC addresses heard on this
port become the authorized addresses. When new authorized
addresses are learned, they are stored in a table. When
the table has reached its 'address-limit', any
new source MAC addresses received on the port
constitutes an intrusion. The authorized addresses in
this mode will age out of the system, therefore the
list of authorized addresses can be dynamic over time.
o address-limit <1-N> - This parameter is valid only when the learn-mode
is static, configured, or limited-continuous.
It defines the number of MAC address that the table for the
given port will hold. For static and configured N is equal
to 8. For limited-continuous N is equal to 32.
o mac-address MAC-ADDR ... - This 12-hex digit parameter is only valid
when the learn-mode is static. The parameter is used to configure
the addresses that are authorized to use the port. The maximum
number of authorized addresses that may be configured and
learned is 8. If the number of configured addresses is less
than the address-limit, the switch will learn the remaining
number of addresses. Several addresses can be specified in
one command line.
o action
action the switch will take if an intruder is detected on the
port.
o clear-intrusion-flag - clears intrusion indicator for the ports
specified in the command PORT-LIST
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-04-2009 06:59 AM
тАО06-04-2009 06:59 AM
Re: port-security learn-mode limited-continuous
Regards!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-04-2009 07:00 AM
тАО06-04-2009 07:00 AM