Use the following procedure to configure and manage general security parameters for the switch.
Use the data in the following table to configure general switch security.
Variable | Value |
---|---|
AuthSecurityLock | If this parameter is listed as locked, the agent refuses all requests to modify the security configuration. Entries also include:
|
AuthCtlPartTime | Indicates the duration of time for port partitioning in seconds. Value ranges between 0 and 65535 seconds. Default is 0 (zero). When the value is zero, port remains partitioned until it is manually re-enabled. |
SecurityStatus | Indicates whether or not the switch security feature is enabled. |
SecurityMode | Specifies mode of switch security. Entries include:
|
SecurityAction | Actions performed by the software when a violation occurs (when SecurityStatus is enabled). The security action specified here applies to all ports of the switch.
A blocked address causes the port to be partitioned when unauthorized access is attempted. Selections include:
da means destination addresses. |
CurrNodesAllowed | Specifies the current number of entries of the nodes allowed in the AuthConfig tab. |
MaxNodesAllowed | Specifies the maximum number of entries of the nodes allowed in the AuthConfig tab. |
PortSecurityStatus | Specifies the set of ports for which security is enabled. |
PortLearnStatus | Specifies the set of ports where auto-learning is enabled. |
CurrSecurityLists | Specifies the current number of entries of the Security listed in the SecurityList tab |
MaxSecurityLists | Specifies the maximum entries of the Security listed in the SecurityList tab. |
AutoLearningAgingTime | Specifies the MAC address age-out time, in minutes, for the auto-learned MAC addresses. A value of zero (0) indicates that the address never ages out. |
AutoLearningSticky | Controls whether the sticky MAC feature is enabled.
![]() You must disable autolearning before you enable AutoLearningSticky. |
SecurityLockoutPortList | Controls the list of ports that are locked so they are excluded from MAC-based security.
![]() You must disable autolearning before you change the SecurityLockoutPortList. |