How to configure port security to limit the number of connected devices
The example shows administrators how to configure port security to limit the number of connected devices. In a real environment, port security controls the number of users connecting to a server.
All network IP addresses and subnet masks are used as examples in this article. Please replace them with your actual network IP addresses and subnet masks.
1. Configure Switch-1
Enter web GUI and go to Menu > Advanced Application > Port Security. Check port 3 and set the “Limited Number of Learned MAC Address” to 2.
The Zyxel switch sends Link Layer Discovery Protocol (LLDP) packets every period of time by default. If Switch-2 does not support LLDP or is disabled, Limited Number of Learned MAC Address can be set to 1. Otherwise, set this to 2.
2. Test the Result
2-1. PC-1 can ping Server successfully.
2-2. Connect PC-2 to port 2.
2-3. PC-2 cannot ping Server.
2-4. Access Switch-1 web GUI. Go to Menu > Management > MAC Table > Search. The MAC Address Table should show MAC address of PC-1 (and Switch-2), but not the MAC address of PC-2.
3. What Could Go Wrong
The MAC address of Switch-2 will also be learned in Switch-1 MAC address table. Therefore, remember to consider Switch-2’s MAC address when setting the number of Limited Number of Learned MAC Address.