- Community Home
- >
- Networking
- >
- Switching and Routing
- >
- Web and Unmanaged
- >
- Re: Port Security | HP 1910 48G
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-03-2016 01:38 PM
08-03-2016 01:38 PM
Port Security | HP 1910 48G
Hi guys.
I have a doubt about the port security feature over the HP 1910 48G device.
I did the following commands in the CLI:
GLOBAL CONFIG:
port-security enable
port-security trap intrusion
INTERFACE CONFIG:
interface gig1/0/1
port-security max-mac-count 1
port-security port-mode autolearn
port-security intrusion-mode disableport
The feature works well when I plug another device in that port. The trap works well too. That happens exactly what I want to and my doubt is about the mac address table. The entry showing on the CLI is "NOAGED" and in the GUI the mac address entry does not appear anymore. When I try to add a static entry, the GUI says that this mac address already exists. I would like to know if it is a normal behaviour.
Software Version is 5.20 Release 1516.
The HP 1910 manual does not show any topic about.
Thanks in advance.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-03-2016 02:33 PM
08-03-2016 02:33 PM
Re: Port Security | HP 1910 48G
I run this on a A5120 EI:
port-security max-mac-count 10 port-security port-mode autolearn port-security ntk-mode ntk-withmulticasts port-security intrusion-mode blockmac port-security mac-address dynamic port-security mac-address aging-type inactivity mac-address max-mac-count 10 mac-address information enable added
And the output of "display mac-address" wont show the clients mac-address.
In order to locate that you need to run the "display port-security mac-address security" command.
However when doing so it says "NOAGED" but it seems to work according to the logs and the physical tests I have performed.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-03-2016 05:47 PM
08-03-2016 05:47 PM
Re: Port Security | HP 1910 48G
Hi.
I would like to know about the command ntk.
There is an attachment with some entrys in the CLI.
So, is it a normal behaviour the noaged entry?
Thank you.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-03-2016 11:21 PM
08-03-2016 11:21 PM
Re: Port Security | HP 1910 48G
I wrote this some time ago:
http://community.hpe.com/t5/Comware-Based/Port-Security-on-A5500/td-p/6472778
NTK from what I understand is for egress traffic.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-04-2016 06:04 AM
08-04-2016 06:04 AM
Re: Port Security | HP 1910 48G
Good morning.
I set the ntk mode on disable to forward all traffic.
I'm curious about the mac-address entry on the GUI. Because none of the machines registered on all ports are appearing over the GUI's mac-address table.
When I use the command display mac-address static vlan <number> the return is "no MAC address found".
And when I type display mac-address interface gig1/0/1 the return is "no MAC address found".
Typing display port-security mac-address security, all the entries are listed.
Thank you.