How to configure port security to limit the number of connected devices

Zyxel_Lucious, Zyxel Official Agent
edited August 14, 2019 4:27PM in Network Security

The example shows administrators how to configure port security to limit the number of connected devices. In a real environment, port security controls the number of users connecting to a server.

Note:

All network IP addresses and subnet masks are used as examples in this article. Please replace them with your actual network IP addresses and subnet masks.


1. Configure Switch-1

Enter the web GUI and go to Menu > Advanced Application > Port Security. Check port 3 and set the “Limited Number of Learned MAC Address” to 2.

Note:

By default, the Zyxel switch sends Link Layer Discovery Protocol (LLDP) packets periodically. If Switch-2 does not support LLDP, or LLDP is disabled on it, Limited Number of Learned MAC Address can be set to 1. Otherwise, set this to 2.


2. Test the Result

2-1. PC-1 can ping Server successfully.

2-2. Connect PC-2 to port 2.

2-3. PC-2 cannot ping Server.

2-4. Access the Switch-1 web GUI. Go to Menu > Management > MAC Table > Search. The MAC Address Table should show the MAC address of PC-1 (and Switch-2), but not the MAC address of PC-2.


3. What Could Go Wrong

The MAC address of Switch-2 will also be learned in the Switch-1 MAC address table. Therefore, remember to count Switch-2’s MAC address when setting the Limited Number of Learned MAC Address.
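
The following is an added example, not Zyxel code or part of the original post: a small Python model of a learned-MAC limit on port 3, showing why Switch-2's own LLDP source MAC has to be counted. The MAC addresses are constructed, and the model assumes learned entries do not age out and that frames from unlearned addresses are dropped once the limit is reached.

```python
from dataclasses import dataclass, field

# Constructed MAC addresses for the devices named in the article.
PC1 = "00:00:5e:00:53:01"
PC2 = "00:00:5e:00:53:02"
SWITCH2 = "00:00:5e:00:53:a2"  # source MAC of Switch-2's own LLDP frames


@dataclass
class SecuredPort:
    """Simplified model of a port with a learned-MAC limit (assumption: no aging)."""
    limit: int
    learned: list = field(default_factory=list)
    dropped: list = field(default_factory=list)

    def receive(self, src_mac: str) -> bool:
        """Return True if the frame is forwarded, False if port security drops it."""
        if src_mac in self.learned:
            return True
        if len(self.learned) < self.limit:
            self.learned.append(src_mac)  # a free slot: learn and forward
            return True
        if src_mac not in self.dropped:
            self.dropped.append(src_mac)  # limit reached: record and drop
        return False


def replay(limit: int, frames: list) -> SecuredPort:
    """Feed source MACs to a fresh port in arrival order and return its state."""
    port = SecuredPort(limit)
    for mac in frames:
        port.receive(mac)
    return port


if __name__ == "__main__":
    scenarios = {
        "limit 2, LLDP on": (2, [PC1, SWITCH2, PC2, PC1]),
        "limit 1, LLDP on, Switch-2 frame first": (1, [SWITCH2, PC1, PC2]),
        "limit 1, LLDP off": (1, [PC1, PC2]),
    }
    for name, (limit, frames) in scenarios.items():
        port = replay(limit, frames)
        print(f"{name}: learned={port.learned} dropped={port.dropped}")
```

In the second scenario the single slot is taken by Switch-2's LLDP frame, so PC-1 itself is dropped; with the limit at 2, only PC-2 is rejected.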
