How to configure port security to limit the number of connected devices
The example shows administrators how to configure port security to limit the number of connected devices. In a real environment, port security controls the number of users connecting to a server.
Note:
All network IP addresses and subnet masks are used as examples in this article. Please replace them with your actual network IP addresses and subnet masks.
1. Configure Switch-1
Enter web GUI and go to Menu > Advanced Application > Port Security. Check port 3 and set the “Limited Number of Learned MAC Address” to 2.
Note:
The Zyxel switch sends Link Layer Discovery Protocol (LLDP) packets every period of time by default. If Switch-2 does not support LLDP or is disabled, Limited Number of Learned MAC Address can be set to 1. Otherwise, set this to 2.
2. Test the Result
2-1. PC-1 can ping Server successfully.
2-2. Connect PC-2 to port 2.
2-3. PC-2 cannot ping Server.
2-4. Access Switch-1 web GUI. Go to Menu > Management > MAC Table > Search. The MAC Address Table should show MAC address of PC-1 (and Switch-2), but not the MAC address of PC-2.
3. What Could Go Wrong
The MAC address of Switch-2 will also be learned in Switch-1 MAC address table. Therefore, remember to consider Switch-2’s MAC address when setting the number of Limited Number of Learned MAC Address.
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 146 Nebula Ideas
- 96 Nebula Status and Incidents
- 5.7K Security
- 260 USG FLEX H Series
- 270 Security Ideas
- 1.4K Switch
- 74 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.4K Consumer Product
- 249 Service & License
- 387 News and Release
- 84 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.5K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 73 Security Highlight