Module Level Security Configuration
Local Management Supplement
3-9
•
LockedOnAddr – The Security State of all ports on the specified
connector are set to LockedOnAddr. This setting is for convenience, so
that all ports on an interface connector can be set to LockedOnAddr at
one time. Until the address is set at the repeater port level, the port will
default to the locked on address of “00-00-00-00-00-00” as indicated
by “XX-XX-XX-XX-XX-XX” in the address field shown in
Figure 3-4
. If an address is configured or received, the port locks down
on the address that is currently configured in the Port Level Security
Configuration screen (if one is entered) or on the source address of the
currently received frame. If the port locks on address and a frame is
received that violates security, the actions selected in the Action On
Intruder field are executed.
Action On Intruder (Toggle)
Used to select the actions taken for the selected security state. There are
two fields to select the actions. Both toggle to activate or deactivate the
action.
•
DisablePort/NoDisable – DisablePort causes the switch to turn off the
port that had a security violation. With NoDisable set, the port is not
turned off.
•
SendTrap/NoTrap – SendTrap causes the switch to send an SNMP trap
when a port detects a security violation. With NoTrap set, no SNMP
trap is sent.
3.3.1
Setting the Module Level Security
To set the module security simultaneously for all ports on a connector,
proceed as follows:
1.
Use the arrow keys to highlight the Security State field for the
connector.
2.
Use the SPACE bar to step to the appropriate security level.
3.
If the security level chosen causes the DisablePort and SendTrap
fields to display under Action On Intruder, use the arrow keys to
highlight the DisablePort field. If the security level chosen does not
cause the fields to display under Action On Intruder, proceed to step 7.
4.
To change the DisablePort setting to NoDisable, press the SPACE
bar to toggle the setting.