Allied Telesis AT-S62 User Manual

Chapter 24: MAC Address-based Port Security

326

Section VI: Port Security

that the port has already learned and any static MAC addresses
assigned to the port.

Dynamic MAC addresses learned by the port prior to the activation of
this security level never time out from the MAC address table, even
when the corresponding end nodes are inactive. However, the port will
not learn any new dynamic addresses.

You can continue to add new static MAC addresses to a port operating
under this security level.

7. If you select the Limited security level, additional options are displayed

in the window for you to configure. They are defined here:

Intrusion Action
Specifies what the switch should do if a port receives an invalid frame.
Options are

ˆ

Discard - Discards the invalid frame.

ˆ

Trap - Discards the invalid frame and sends an SNMP trap.

ˆ

Discard - Discards the invalid frame, sends an SNMP trap, and
disables the port.

Threshold
Specifies the maximum number of dynamic MAC addresses that a port
can learn. This only applies to the Limited security level. The range is 1
to 256. The default is 100.

Port Participating
Applies only when the intrusion action is set to trap or disable. This
option does not apply when intrusion action is set to discard. If this
option is set to No when intrusion action is set to trap or disable, the
port discards invalid packets, but it does not send the SNMP trap or
disable the port. If you want the switch to send a trap and/or disable
the port, you must sent this option to Yes.

8. After configuring the parameters, click Apply.

A change to the MAC security is immediately activated on a port.

9. To permanently save the changes, select the Save Config menu

selection.