The port-security enable command enables the port security function on an interface.
The undo port-security enable command disables the port security function on an interface.
By default, port security is disabled on an interface.
Usage Scenario
After port security is enabled on an interface, MAC address entries learned by the interface are stored in the MAC address table as secure dynamic MAC address entries. By default, secure dynamic MAC addresses will not be aged out. After the device restarts, secure dynamic MAC address entries are lost and need to be relearned.
Precautions
The protection action, maximum number of learned secure MAC address entries, and sticky MAC function can be configured only after port security is enabled.
When the AP's wired interface works in root or middle mode, port security cannot be configured. Port security can be configured on an AP's wired interface only when the interface works in endpoint mode.
# Enable port security.
<HUAWEI> system-view [HUAWEI] wlan [HUAWEI-wlan-view] wired-port-profile name wire1 [HUAWEI-wlan-wired-port-wire1] mode endpoint Warning: If the AP goes online through a wired port, the incorrect port mode con figuration will cause the AP to go out of management. This fault can be recovere d only by modifying the configuration on the AP. Continue? [Y/N]:y Warning: This action will take effect after resetting AP. [HUAWEI-wlan-wired-port-wire1] port-security enable