Configuring port security, Port security – LevelOne GTL-2691 User Manual
Page 380
C
HAPTER
13
| Security Measures
Configuring Port Security
– 380 –
To show a list of IP addresses authorized for management access:
1.
Click Security, IP Filter.
2.
Select Show from the Action list.
Figure 198: Showing IP Addresses Authorized for Management Access
C
ONFIGURING
P
ORT
S
ECURITY
Use the Security > Port Security page to configure the maximum number
of device MAC addresses that can be learned by a switch port, stored in the
address table, and authorized to access the network.
When port security is enabled on a port, the switch stops learning new MAC
addresses on the specified port when it has reached a configured maximum
number. Only incoming traffic with source addresses already stored in the
address table will be authorized to access the network through that port. If
a device with an unauthorized MAC address attempts to use the switch
port, the intrusion will be detected and the switch can automatically take
action by disabling the port and sending a trap message.
CLI R
EFERENCES
◆
C
OMMAND
U
SAGE
◆
The default maximum number of MAC addresses allowed on a secure
port is zero (that is, disabled). To use port security, you must configure
the maximum number of addresses allowed on a port.
◆
To configure the maximum number of address entries which can be
learned on a port, first disable port security on a port, and then specify
the maximum number of dynamic addresses allowed. The switch will
learn up to the maximum number of allowed address pairs <source
MAC address, VLAN> for frames received on the port. When the port
has reached the maximum number of MAC addresses, the port will stop
learning new addresses. The MAC addresses already in the address
table will be retained and will not be aged out.
Note that you can manually add additional secure addresses to a port
using the Static Address Table (