314
Usage guidelines
As a best practice, disable this feature to prevent excessive output of logs for port security users.
If you do not specify any parameters, this command enables all logging functions for port security
users.
Examples
# Enable logging for intrusion protection.
<Sysname> system-view
[Sysname] port-security access-user log enable violation
Related commands
info-center source portsec logfile deny
(
Network Management and Monitoring Command
Reference
)
port-security authentication open
Use
port-security authentication open
to enable open authentication mode on a port.
Use
undo port-security authentication open
to disable open authentication mode on a port.
Syntax
port-security authentication open
undo port-security authentication open
Default
Open authentication mode is disabled on a port.
Views
Layer 2 Ethernet interface view
Layer 2 aggregate interface view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
This command enables access users (802.1X or MAC authentication users) of a port to come online
and access the network even if they use nonexistent usernames or incorrect passwords.
Access users that come online in open authentication mode are called open users. Authorization and
accounting are not available for open users. To display open user information, use the following
commands:
•
display dot1x connection open
.
•
display mac-authentication connection open
.
Open authentication mode does not affect the access of users that use correct user information on
the port.
The open authentication mode setting has lower priority than the 802.1X Auth-Fail VLAN and the
MAC authentication guest VLAN. Open authentication mode does not take effect on a port if the port
is also configured with the 802.1X Auth-Fail VLAN or the MAC authentication guest VLAN.
For information about 802.1X authentication or MAC authentication, see
Security Configuration
Guide
.