Chapter 4 - configuration management, 4 port security – Asus GigaX2124 User Manual


4.11.4 Port Security

The switch also supports a port security feature, which lets a system administrator control who can connect to the network. You can use port security to restrict input to an interface by limiting and identifying the MAC addresses of the stations allowed to access the port. When you assign secure MAC addresses to a secure port, the port does not forward packets with source addresses outside the group of defined addresses. This decreases the possibility that a non-authorized device can use the network for malicious purposes.

4.11.4.1 Port Configuration

This page is used to configure port security. First, select a port by clicking it in the following table, then set the port configuration. Click Modify when you are done with the modifications:

Admin: Enable or disable the port security feature.

Violation Mode: Decides the port behavior when a security violation happens. If shutdown is selected, the port enters the blocking state, the system logs a syslog message, and the violation counter increments. If restrict is selected, a syslog message is logged and the violation counter increments. If protect is selected, you are not notified that a security violation has occurred.

Max MAC Address: The maximum number of secure MAC addresses on this port. The value is between 1 and 256, and the total number in the system is 1024.

Aging Time: The aging time for this port. After the time expires, the corresponding dynamic secure MAC address is removed from the secure MAC address table. The valid range is 0 to 1440 (min). If the time is equal to 0, the aging mechanism is disabled for this port.

Aging Type: Determines the action taken when the secure MAC addresses are aged out. If absolute is selected, the secure addresses on the port are deleted after the specified aging time. If inactivity is selected, the secure addresses on the port are deleted only if there is no data traffic from the secure source MAC address for the specified time period.
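
The following Python model is an added example, not ASUS firmware or code from this manual. It shows how the Violation Mode, Max MAC Address, Aging Time and Aging Type settings interact on one port. Assumptions: addresses are learned dynamically until Max MAC Address is reached, protect leaves the violation counter unchanged, and the syslog text and MAC addresses are constructed.

```python
from dataclasses import dataclass, field

@dataclass
class SecurePort:
    """Toy model of the per-port settings on this page (not ASUS firmware)."""
    violation_mode: str = "shutdown"  # shutdown | restrict | protect
    max_mac: int = 1                  # manual: 1..256 per port
    aging_time: int = 0               # minutes, manual: 0..1440, 0 disables aging
    aging_type: str = "absolute"      # absolute | inactivity
    table: dict = field(default_factory=dict)  # mac -> [learned_at, last_seen]
    violations: int = 0
    blocked: bool = False
    syslog: list = field(default_factory=list)

    def __post_init__(self):
        if not 1 <= self.max_mac <= 256 or not 0 <= self.aging_time <= 1440:
            raise ValueError("setting outside the range given in the manual")

    def _age_out(self, now):
        if self.aging_time == 0:
            return
        idx = 0 if self.aging_type == "absolute" else 1  # which timestamp counts
        for mac in [m for m, t in self.table.items() if now - t[idx] >= self.aging_time]:
            del self.table[mac]

    def receive(self, mac, now):
        """Return True if a frame from source `mac` at minute `now` is forwarded."""
        if self.blocked:
            return False
        self._age_out(now)
        if mac in self.table:
            self.table[mac][1] = now
            return True
        if len(self.table) < self.max_mac:  # assumption: learn dynamically until full
            self.table[mac] = [now, now]
            return True
        if self.violation_mode != "protect":  # protect drops without notification
            self.violations += 1
            self.syslog.append(f"t={now} port-security violation src={mac}")  # constructed
            self.blocked = self.violation_mode == "shutdown"
        return False

def aging_demo(aging_type):
    """Station A sends at minutes 0, 4, 8; station B first appears at minute 12."""
    port = SecurePort("restrict", max_mac=1, aging_time=10, aging_type=aging_type)
    for t in (0, 4, 8):
        port.receive("00:00:5e:00:53:0a", t)  # constructed documentation MACs
    return port.receive("00:00:5e:00:53:0b", 12), port.violations
```

With a 10-minute aging time, absolute aging frees the slot for station B even though station A is still active, while inactivity aging keeps A's entry and B's frame counts as a violation.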