1-8If you configure the NTK feature and execute the port-security intrusion-mode blockmac commandon the same port, the switch will be unable to disable the packets whose destination MAC address isillegal from being sent out that port; that is, the NTK feature configured will not take effect on the packetswhose destination MAC address is illegal.Configuring the Trap featureFollow these steps to configure port security trapping:To do... Use the command... RemarksEnter system view system-view —Enable sending traps for thespecified type of eventport-security trap { addresslearned |dot1xlogfailure | dot1xlogoff | dot1xlogon |intrusion | ralmlogfailure | ralmlogoff |ralmlogon }RequiredBy default, notrap is sent.Ignoring the Authorization Information from the RADIUS ServerAfter an 802.1x user or MAC-authenticated user passes Remote Authentication Dial-In User Service(RADIUS) authentication, the RADIUS server delivers the authorization information to the device. Youcan configure a port to ignore the authorization information from the RADIUS server.Follow these steps to configure a port to ignore the authorization information from the RADIUS server:To do... Use the command... RemarksEnter system view system-view —Enter Ethernet port view interface interface-typeinterface-number —Ignore the authorizationinformation from the RADIUSserverport-security authorizationignoreRequiredBy default, a port uses theauthorization information fromthe RADIUS server.Configuring Security MAC AddressesSecurity MAC addresses are special MAC addresses that never age out. One security MAC addresscan be added to only one port in the same VLAN so that you can bind a MAC address to one port in thesame VLAN.Security MAC addresses can be learned by the auto-learn function of port security or manuallyconfigured.Before adding security MAC addresses to a port, you must configure the port security mode toautolearn. After this configuration, the port changes its way of learning MAC addresses as follows.z The port deletes original dynamic MAC addresses;