Allied Telesis AT-S94 User Manual

Configuring Device Security

Configuring Network Security

Page 69

4.

Click Modify. The Port Security Configuration Page opens:

Figure 38: Port Security Configuration Page

The Port Security Configuration Page contains the following fields:

•

Interface — Displays the port name.

•

Action On Violation— Indicates the intruder action defined for the port. Indicates the action to be applied to

packets arriving on a locked port. The possible values are:

–

Forward — Forwards packets from an unknown source without learning the MAC address.

–

Discard — Discards packets from any unlearned source. This is the default value.

–

Shutdown — Discards packets from any unlearned source and shuts down the port. The port remains

shut down until reactivated, or until the device is reset.

•

Learning Mode — Defines the locked port type. The possible field values are:

–

Classic Lock — Locks the port using the classic lock mechanism. The port is immediately locked,

regardless of the number of addresses that have already been learned.

–

Limited Dynamic Lock — Locks the port by deleting the current dynamic MAC addresses associated with

the port. The port learns up to the maximum addresses allowed on the port. Both relearning and aging
MAC addresses are enabled. Previously learned MAC addresses are not deleted but are converted to a
static MAC address.

•

Max Entries — Specifies the number of MAC addresses that can be learned on the port before the port is

locked. The field range is 1-128. The default is 1.

•

Enable Trap — Indicates if the SNMP trap generated if there is a violation. The possible values are:

–

Yes — Trap is generated.

–

No — No trap is generated.

•

Lock Interface —Locks the interface.

•

Trap Frequency — The time interval (in seconds) between traps. The possible field range is 1-1,000,000

seconds, and the default is 10 seconds.

5.

Select the security mode for the selected port(s).