Procurve Port Security: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
Thomas (Diskussion | Beiträge) |
Thomas (Diskussion | Beiträge) |
||
| (19 dazwischenliegende Versionen desselben Benutzers werden nicht angezeigt) | |||
| Zeile 3: | Zeile 3: | ||
*port-security 24 learn-mode static | *port-security 24 learn-mode static | ||
*end | *end | ||
| + | =Port Security anzeigen= | ||
| + | *show port-security 24 | ||
| + | <pre> | ||
| + | Port Security | ||
| + | Port : 24 | ||
| + | Learn Mode [Continuous] : Static Address Limit [1] : 1 | ||
| + | Action [None] : None | ||
| + | Authorized Addresses | ||
| + | -------------------- | ||
| + | 60eb69-962da5 | ||
| + | </pre> | ||
| + | =Adress Limit erhöhen= | ||
| + | *configure terminal | ||
| + | *port-security 24 address-limit 3 | ||
| + | *end | ||
| + | =Port Security anzeigen= | ||
| + | <pre> | ||
| + | Port Security | ||
| + | |||
| + | Port : 24 | ||
| + | Learn Mode [Continuous] : Static Address Limit [1] : 3 | ||
| + | Action [None] : None | ||
| + | |||
| + | Authorized Addresses | ||
| + | -------------------- | ||
| + | 00040d-0b2015 | ||
| + | 60eb69-962da5 | ||
| + | </pre> | ||
| + | =Action konfigurieren= | ||
| + | *configure terminal | ||
| + | *port-security 24 action send-disable | ||
| + | *end | ||
| + | =Port Security anzeigen= | ||
| + | <pre> | ||
| + | Port Security | ||
| + | |||
| + | Port : 24 | ||
| + | Learn Mode [Continuous] : Static Address Limit [1] : 3 | ||
| + | Action [None] : Send Alarm, Disable Port | ||
| + | |||
| + | Authorized Addresses | ||
| + | -------------------- | ||
| + | 00040d-0b2015 | ||
| + | 60eb69-962da5 | ||
| + | </pre> | ||
| + | |||
| + | =Mac Adresse Manuell eintragen= | ||
| + | *configure terminal | ||
| + | *port-security 24 mac-address 001060-8a2bee | ||
| + | *end | ||
| + | =Port Security anzeigen= | ||
| + | <pre> | ||
| + | Port Security | ||
| + | |||
| + | Port : 24 | ||
| + | Learn Mode [Continuous] : Static Address Limit [1] : 3 | ||
| + | Action [None] : Send Alarm, Disable Port | ||
| + | |||
| + | Authorized Addresses | ||
| + | -------------------- | ||
| + | 00040d-0b2015 | ||
| + | 001060-8a2bee | ||
| + | 60eb69-962da5 | ||
| + | </pre> | ||
| + | =Portsecurity neu setzen (configured)= | ||
| + | *configure terminal | ||
| + | *no port-security 24 | ||
| + | *port-security 24 learn-mode configured address-limit 1 action send-disable mac-address 60eb69962da5 | ||
| + | *end | ||
| + | =Port Security anzeigen= | ||
| + | <pre> | ||
| + | Port Security | ||
| + | |||
| + | Port : 24 | ||
| + | Learn Mode [Continuous] : Configured Address Limit [1] : 1 | ||
| + | Action [None] : Send Alarm, Disable Port | ||
| + | |||
| + | Authorized Addresses | ||
| + | -------------------- | ||
| + | 60eb69-962da5 | ||
| + | </pre> | ||
| + | =Nach Anschluss einer nicht zugelassenen Macaddresse= | ||
| + | *show interfaces brief 24 | ||
| + | <pre> | ||
| + | Status and Counters - Port Status | ||
| + | |||
| + | | Intrusion MDI Flow Bcast | ||
| + | Port Type | Alert Enabled Status Mode Mode Ctrl Limit | ||
| + | ------- --------- + --------- ------- ------ ---------- ----- ----- ------ | ||
| + | 24 24 | No Yes Down 1000FDx MDI off 0 | ||
| + | </pre> | ||
| + | =Wieder aktivieren= | ||
| + | *configure terminal | ||
| + | *interface 24 enable | ||
| + | *end | ||
| + | |||
| + | =Links= | ||
*http://whp-hou9.cold.extweb.hp.com/pub/networking/software/Security-Oct2005-59906024-Chap09-Port_Security.pdf | *http://whp-hou9.cold.extweb.hp.com/pub/networking/software/Security-Oct2005-59906024-Chap09-Port_Security.pdf | ||
Aktuelle Version vom 13. April 2016, 11:12 Uhr
Port Security anschalten
- configure terminal
- port-security 24 learn-mode static
- end
Port Security anzeigen
- show port-security 24
Port Security Port : 24 Learn Mode [Continuous] : Static Address Limit [1] : 1 Action [None] : None Authorized Addresses -------------------- 60eb69-962da5
Adress Limit erhöhen
- configure terminal
- port-security 24 address-limit 3
- end
Port Security anzeigen
Port Security Port : 24 Learn Mode [Continuous] : Static Address Limit [1] : 3 Action [None] : None Authorized Addresses -------------------- 00040d-0b2015 60eb69-962da5
Action konfigurieren
- configure terminal
- port-security 24 action send-disable
- end
Port Security anzeigen
Port Security Port : 24 Learn Mode [Continuous] : Static Address Limit [1] : 3 Action [None] : Send Alarm, Disable Port Authorized Addresses -------------------- 00040d-0b2015 60eb69-962da5
Mac Adresse Manuell eintragen
- configure terminal
- port-security 24 mac-address 001060-8a2bee
- end
Port Security anzeigen
Port Security Port : 24 Learn Mode [Continuous] : Static Address Limit [1] : 3 Action [None] : Send Alarm, Disable Port Authorized Addresses -------------------- 00040d-0b2015 001060-8a2bee 60eb69-962da5
Portsecurity neu setzen (configured)
- configure terminal
- no port-security 24
- port-security 24 learn-mode configured address-limit 1 action send-disable mac-address 60eb69962da5
- end
Port Security anzeigen
Port Security Port : 24 Learn Mode [Continuous] : Configured Address Limit [1] : 1 Action [None] : Send Alarm, Disable Port Authorized Addresses -------------------- 60eb69-962da5
Nach Anschluss einer nicht zugelassenen Macaddresse
- show interfaces brief 24
Status and Counters - Port Status
| Intrusion MDI Flow Bcast
Port Type | Alert Enabled Status Mode Mode Ctrl Limit
------- --------- + --------- ------- ------ ---------- ----- ----- ------
24 24 | No Yes Down 1000FDx MDI off 0
Wieder aktivieren
- configure terminal
- interface 24 enable
- end