Filter
Top Products
DES-7200 Configuration Guide Chapter 5 Port-based Flow Control Configuration
5-6
addresses should be learned again after the reboot.
When a port is configured as a secure port and the maximum number of its secure
addresses is reached, a security violation occurs if the port receives a packet whose
source address is not one of the secure addresses on the port. When security
violations occur, you can set the following methods to handle:
z protect: When the maximum number of secure addresses is reached, the secure
port discards the packet of unknown addresses (none of which are among the
secure addresses of the port).This is the default method for handling exceptions.
z restrict: In the case of violation, a Trap notification is sent
z shutdown: In the case of violation, the port is shut down and a Trap notification is
sent.
5.3.2 Configuring Port Security
5.3.2.1
Default Configuration of Port
Security
The table below shows the default configuration of port security:
Item Default Configuration
Port security switch
The port security function is disabled for all
the ports.
Maximum number of secure addresses 128
Secure address None
Handling mode for violations Protect
Secure address binding mode None
Sticky MAC address learning Disabled
5.3.2.2 Port Security Configuration
Guide
The following restrictions apply to port security configuration:
z A secure port is not an Aggregate Port.
z A secure port is not the destination port of SPAN.
z A secure port is and can only be an Access Port.
The 802.1x authentication and port security are mutually exclusive in enabling. The
802.1x authentication and port security can ensure the validity of the network users.
You can enable either of them to control port access.
At the same time, the secure addresses of the IP+MAC addresses and IP addresses