beautypg.com

Configure port security – NETGEAR MS510TXPP 8 Port Gigabit PoE Managed Switch User Manual

Page 251

background image

Smart Managed Pro Switches MS510TX and MS510TXPP

Manage Device Security

User Manual

251

To configure a single port, select the check box associated with the port, or type the
port number in the

Go To Interface

field and click the

Go

button.

To configure multiple ports with the same settings, select the check box associated
with each port.

To configure all ports with the same settings, select the check box in the heading row.

7.

From the

Status

menus in the Unknown Unicast, Multicast, and Broadcast columns, select

whether storm control is enabled or disabled. By default, storm control is disabled.

If the rate of incoming unknown Layer 2 unicast traffic (that is, traffic for which a
destination lookup failure occurs) increases beyond the configured threshold on the port,
the traffic is dropped.

8.

If the selection from a

Status

menu for a port is

Enable

, in the associated

Threshold

field,

specify the maximum rate at which unknown unicast, multicast, or broadcast packets are

forwarded.

The range is a percent of the total threshold between 0 and 100%. The default is 5%.
Storm control is configured as a percentage of the maximum port speed.

9.

Click the

Apply

button.

Your settings are saved.

Configure Port Security

Port security lets you lock one or more ports on the switch. When a port is locked, only
packets with an allowable source MAC addresses can be forwarded. All other packets are
discarded.

Configure a Port Security Interface

A MAC address can be defined as allowable by one of two methods: dynamically or statically.

Both methods are used concurrently when a port is locked.

Dynamic locking implements a first arrival mechanism for port security. You specify how
many addresses can be learned on the locked port. If the limit was not reached, then a
packet with an unknown source MAC address is learned and forwarded normally. When the
limit is reached, no more addresses are learned on the port. Any packets with source MAC
addresses that were not already learned are discarded. You can effectively disable dynamic
locking by setting the number of allowable dynamic entries to zero.

To configure port security settings:

1.

Connect your computer to the same network as the switch.

You can use a WiFi or wired connection to connect your computer to the network, or
connect directly to a switch that is off-network using an Ethernet cable.

2.

Launch a web browser.

3.

In the address field of your web browser, enter the IP address of the switch.

If you do not know the IP address of the switch, see

Access the Switch on page

14

.