Comware

 View Only

  • 1.  Port Security by mac address

    Posted Apr 22, 2010 04:27 PM
    I need to lock down some ports by mac address but have more than 8 devices, which appears to be the max I can add. Is there another way to do this. The devices are static in that they don't change very often. There are 12 or so devices that need to pass thru this port from one side, to any device on the other side.


  • 2.  RE: Port Security by mac address

    Posted Apr 23, 2010 05:00 AM
    Hi,
    I fear you will be limited to 8 addresses.
    Although not knowing the switch type of use in your case, I checked the manual for the ProVision (yl/zl) series.

    This pretty much clearly confirms your doubts:
    When learn-mode is set to static, configured, or limited-continuous, theaddress-limit parameter specifies how many authorized devices (MAC addresses) to allow. Range: 1 (the default) to 8 for static and configured modes. For learn-mode with the limited-continuous option, the range is 1-32 addresses.


    An alternative - with switch-external overhead, however - would be the usage of MAC address based authentication (against a RADIUS server). In that case, the limit would be configurable to a maximum of 32 MAC addresses.

    Regards,
    Ralf


Related Content