This example shows administrators how to configure port security to limit the number of connected devices.
In a real environment, port security controls the number of users connecting to a server.
Configure the port security to limit the number of connected devices
1. Configure Switch-1
Enter web GUI and go to Menu > Advanced Application > Port Security. Check port 3 and set the “Limited Number of Learned MAC Address” to 2.
If you set the Learned MAC addresses to 0 and add a MAC to the Static MAC Table, only this single device is allowed to connect to the configured port.
2. Test the result
- PC-1 can ping Server
- Connect PC-2 to port
- PC-2 cannot ping server
- Access web GUI of Switch-1. Go to Menu > Management > MAC Table > Search. The MAC Address Table should show the MAC address of PC-1 (and Switch-2), but not the MAC address of PC-2.
3. What could go wrong
The MAC address of Switch-2 will also be learned in Switch-1 MAC address table. Therefore, remember to consider Switch-2’s MAC address when setting the number of Limited Number of Learned MAC Address.
KB-00316
Comments
1 comment
Hi there,
I'm facing an issue using gs1900-24hp. The port security is from 0-256. So I select 0 for 1 mac address isn't it, because if I select 1, I can get a dynamic mac and static one I just added before.
It also strange because it doesn't work sometimes and I have to try and try, sometimes I have to power reset the switch to work.
Could you help me, please? The firmware I have is the GS1900-24HP_2.50(AAHM.0)C0.
Thank you so much,
Marcelo
Please sign in to leave a comment.