Configure port security – NETGEAR MS510TXPP 8 Port Gigabit PoE Managed Switch User Manual
Page 251
Smart Managed Pro Switches MS510TX and MS510TXPP
Manage Device Security
User Manual
251
•
To configure a single port, select the check box associated with the port, or type the
port number in the
Go To Interface
field and click the
Go
button.
•
To configure multiple ports with the same settings, select the check box associated
with each port.
•
To configure all ports with the same settings, select the check box in the heading row.
7.
From the
Status
menus in the Unknown Unicast, Multicast, and Broadcast columns, select
whether storm control is enabled or disabled. By default, storm control is disabled.
If the rate of incoming unknown Layer 2 unicast traffic (that is, traffic for which a
destination lookup failure occurs) increases beyond the configured threshold on the port,
the traffic is dropped.
8.
If the selection from a
Status
menu for a port is
Enable
, in the associated
Threshold
field,
specify the maximum rate at which unknown unicast, multicast, or broadcast packets are
forwarded.
The range is a percent of the total threshold between 0 and 100%. The default is 5%.
Storm control is configured as a percentage of the maximum port speed.
9.
Click the
Apply
button.
Your settings are saved.
Configure Port Security
Port security lets you lock one or more ports on the switch. When a port is locked, only
packets with an allowable source MAC addresses can be forwarded. All other packets are
discarded.
Configure a Port Security Interface
A MAC address can be defined as allowable by one of two methods: dynamically or statically.
Both methods are used concurrently when a port is locked.
Dynamic locking implements a first arrival mechanism for port security. You specify how
many addresses can be learned on the locked port. If the limit was not reached, then a
packet with an unknown source MAC address is learned and forwarded normally. When the
limit is reached, no more addresses are learned on the port. Any packets with source MAC
addresses that were not already learned are discarded. You can effectively disable dynamic
locking by setting the number of allowable dynamic entries to zero.
To configure port security settings:
1.
Connect your computer to the same network as the switch.
You can use a WiFi or wired connection to connect your computer to the network, or
connect directly to a switch that is off-network using an Ethernet cable.
2.
Launch a web browser.
3.
In the address field of your web browser, enter the IP address of the switch.