Viewing lock status information, Viewing lock status information -14 – Enterasys Networks 6000 User Manual
Page 177
Managing Ethernet MicroLAN Modules
5-14
Repeater Statistics
For newer firmware versions:
•
For station ports, the locking mechanism behaves as described above: the first two
detected addresses are automatically secured; port locking will shut down the port if
any additional addresses attempt access.
•
For trunk ports detecting more than two but fewer than 34 addresses, only the first
two detected addresses are automatically secured, and no additional addresses can be
secured. Due to a firmware anomaly, trunk ports may shut down if they are locked.
•
Trunk ports with more than 34 addresses are considered unsecurable, and will not be
locked.
Viewing Lock Status Information
The Device View for Ethernet MicroLAN modules displays the port locking status of each
repeater channel in a panel to the left of the module.
•
If the Lock Status icon is green and open, no ports on that repeater are locked.
•
If the Lock Status icon is red and closed, all ports on that repeater are locked.
•
If the Lock Status icon is yellow and open, the port lock status on the repeater is mixed.
NOTE
On devices running older firmware versions,
unlinked ports will be disabled immediately
after locking has been enabled; these ports can be re-enabled using their port menus, but
they will immediately be disabled again if a device is connected and begins transmitting
(since the port’s source address table was locked in an empty state). Be sure to unlock
empty ports before linking them.
!
CAUTION
Because of a firmware anomaly which may cause certain trunk ports to be shut down if
they are locked, we recommend that you do not implement Port Locking from the Repeater
menu for any channel which contains a trunk port supporting more than two but fewer
than 34 users. You can still achieve a measure of security on such channels, however, by
locking ports individually from the Port Security window; see
, for details.
NOTE
The Device Aging Time does not apply to station ports when Locking is enabled, although
the snapshot of the Source Address Database provided by the Source Addressing window
may show the detected source address aging out if that address remains inactive, and the
appropriate trap will be generated.