How to configure port security to limit the number of connected devices

Zyxel小編 Lucious, Zyxel Employee
edited July 2022 in Network Security

This example shows administrators how to configure port security to limit the number of connected devices. In a real environment, port security controls the number of users connecting to a server.

Note:

All network IP addresses and subnet masks are used as examples in this article. Please replace them with your actual network IP addresses and subnet masks.


1. Configure Switch-1

Log in to the web GUI and go to Menu > Advanced Application > Port Security. Check port 3 and set “Limited Number of Learned MAC Address” to 2.

Note:

By default, the Zyxel switch sends Link Layer Discovery Protocol (LLDP) packets periodically. If Switch-2 does not support LLDP, or LLDP is disabled on it, Limited Number of Learned MAC Address can be set to 1. Otherwise, set this to 2.


2. Test the Result

2-1. PC-1 can ping Server successfully.

2-2. Connect PC-2 to port 2.

2-3. PC-2 cannot ping Server.

2-4. Access the Switch-1 web GUI. Go to Menu > Management > MAC Table > Search. The MAC Address Table should show the MAC address of PC-1 (and Switch-2), but not the MAC address of PC-2.


3. What Could Go Wrong

The MAC address of Switch-2 will also be learned in the Switch-1 MAC address table. Therefore, remember to count Switch-2’s MAC address when setting Limited Number of Learned MAC Address.
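
A simplified model of the learning limit on Switch-1 port 3, added here as an illustration (not Zyxel firmware code or output), showing why Switch-2's LLDP frames must be counted when choosing the limit. It assumes that once the limit is reached, frames from unlearned source MACs are dropped and that learned addresses do not age out; the MAC addresses are constructed sample values.

```python
from dataclasses import dataclass, field

# Constructed sample MAC addresses (not from the original article).
PC1 = "00:00:5e:00:53:01"
PC2 = "00:00:5e:00:53:02"
SWITCH2 = "00:00:5e:00:53:fe"


@dataclass
class SecuredPort:
    """Simplified model of one port with a learned-MAC limit (assumed behaviour)."""
    limit: int
    learned: list = field(default_factory=list)

    def receive(self, src_mac: str) -> bool:
        """Return True if a frame from src_mac is forwarded, False if dropped."""
        if src_mac in self.learned:
            return True
        if len(self.learned) < self.limit:
            self.learned.append(src_mac)  # free slot: learn the address
            return True
        return False  # limit reached: unknown source is not learned


def run(limit: int, frames: list) -> tuple:
    """Feed (label, src_mac) frames to port 3; return (results, MAC table)."""
    port = SecuredPort(limit)
    results = [(label, port.receive(mac)) for label, mac in frames]
    return results, port.learned


# Frames arriving on Switch-1 port 3, in order. Switch-2's LLDP frame carries
# Switch-2's own MAC as its source, so it consumes one learning slot.
TRAFFIC = [
    ("Switch-2 LLDP", SWITCH2),
    ("PC-1 ping", PC1),
    ("PC-2 ping", PC2),
]

if __name__ == "__main__":
    for limit in (2, 1):
        results, table = run(limit, TRAFFIC)
        print(f"limit={limit}")
        for label, forwarded in results:
            print(f"  {label:14} {'forwarded' if forwarded else 'dropped'}")
        print(f"  MAC table: {table}")
```

With the limit at 1 and LLDP active on Switch-2, the single slot can be taken by Switch-2's MAC, leaving PC-1 unable to reach the server.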