S5720 Switch Port Security - but it allows different MACs

Created: Jun 29, 2018 23:35:13Latest reply: Jul 13, 2018 13:01:56 538 5 0 0
  Rewarded Hi-coins: 0 (problem resolved)
This post was last edited by yoface at 2018-06-29 23:37.
Hello

I activated the port security mode for all my gigabit ports 0/0/1 - 0/0/24  with port security enable

I let all it all on standard configuration. The Standard config says with port security the port will only learn 1 MAC adress and when a second new one is connected it will restrict it.
When I test it with two different notebooks, both notebooks can communicate over the same port althoug port security is enabled on this port.

Why does the port not restrict the second Notebook? Is there a other option needed too?


  • x
  • convention:

Featured Answers
Created Jun 30, 2018 10:36:07 Helpful(0) Helpful(0)

<HUAWEI> system-view
[HUAWEI] interface gigabitethernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] port-security enable
[HUAWEI-GigabitEthernet0/0/1] port-security max-mac-num 1
[HUAWEI-GigabitEthernet0/0/1] port-security mac-address sticky
  • x
  • convention:

All Answers
Sergio93 Created Jun 30, 2018 00:10:09 Helpful(0) Helpful(0)

Hi Flo,

Please apply this command too :
port-security mac-address sticky

You can refer to this guide. Note that you can also choose the static mode.
http://support.huawei.com/hedex/hdx.do?docid=EDOC1000135317&id=dc_cfg_portsec_0008&text=Example%252520for%252520Configuring%252520Port%252520Security&lang=en

Hope this helps you.
  • x
  • convention:

BEST ANSWER! If you think I earn it!
If this post was useful to you, please click the Helpful button and flag my post as a "BEST ANSWER" so others can benefit. Thank you
Barret Created Jun 30, 2018 10:36:07 Helpful(0) Helpful(0)

<HUAWEI> system-view
[HUAWEI] interface gigabitethernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] port-security enable
[HUAWEI-GigabitEthernet0/0/1] port-security max-mac-num 1
[HUAWEI-GigabitEthernet0/0/1] port-security mac-address sticky
  • x
  • convention:

Sergio93 Created Jul 2, 2018 13:05:29 Helpful(0) Helpful(0)

Hi Flo,

Was your problem resolved ?
  • x
  • convention:

BEST ANSWER! If you think I earn it!
If this post was useful to you, please click the Helpful button and flag my post as a "BEST ANSWER" so others can benefit. Thank you
yoface Created Jul 12, 2018 17:24:31 Helpful(0) Helpful(0)

Hi Sergio,

Yes thanks it looks good. Im testing actually.

The last question is for me, how can I configure the switch it will sending a message to my snmp client if a unintentional event is happening on a port so I get alert?
Is that possible with configuring traps?
  • x
  • convention:

Sergio93 Created Jul 13, 2018 13:01:56 Helpful(0) Helpful(0)

  • x
  • convention:

BEST ANSWER! If you think I earn it!
If this post was useful to you, please click the Helpful button and flag my post as a "BEST ANSWER" so others can benefit. Thank you

Reply

Reply
You need to log in to reply to the post Login | Register

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " Privacy."
If the attachment button is not available, update the Adobe Flash Player to the latest version!

Login and enjoy all the member benefits

Login
Fast reply Scroll to top