Chapter 5 | Configuration Using the |
Disabled ports can be reactivated from the Port Settings screen of the Port Management tab.
Interface Select Unit No. or LAG, then select the desired interface from the appropriate
Lock Interface Select this option to lock the interface. The default is not selected (interface not locked).
Learning Mode Defines the locked port type. This field is enabled only if Lock Interface is not selected. The possible values are:
•Classic Lock Locks the port using the classic lock mechanism. The port is immediately locked, regardless of how many addresses have already been learned.
•Limited Dynamic Lock Locks the port by deleting the current dynamic MAC addresses associated with the port. The port learns up to the maximum number of addresses allowed on the port. Both relearning and aging MAC addresses are enabled.
In order to change the Learning Mode, the Lock Interface must be unselected. Once the Learning Mode is changed, the Lock Interface can be reinstated.
Max Entries Specifies the number of MAC addresses that can be learned on the port. This field is enabled only if Learning Mode is set to Limited Dynamic Lock. The default value is 1.
Action on Violation Indicates the action to be applied to packets arriving on a locked port. The possible values are:
•Discard Discards packets from any unlearned source. This is the default value.
•Forward Forwards packets from an unknown source without learning the MAC address.
•Discard Disable Discards packets from any unlearned source and shuts down the port. The port remains shut down until reactivated, or until the device is reset.
Enable Trap Enables traps when a packet is received on a locked port.
Trap Frequency The amount of time (in seconds) between traps. The default value is 10 seconds.
Update If you click this button, your changes are saved and appear immediately in the table at the bottom of the Port Security screen.
The lower portion of the Port Security screen displays a summary of the settings in the upper portion of the screen. The settings are displayed for each of the ports on the Switch.
Click Save Settings to apply the changes, or Cancel Changes to cancel the changes.
Security > Management Access List
Use the Management Access List screen to specify IP addresses that are to be allowed to manage the device, using an IP address and wildcard mask.
Security > IP Access List
Web IP Filtering
The Management Access List screen contains two sections, Web IP Filtering and SNMP IP Filtering. These sections are identical except for the types of IP addresses that they relate to.
IP Address Enter the web IP address or SNMP IP address to be allowed.
Wildcard Mask Enter the wildcard mask for the web IP address or SNMP IP address. Wildcard masks specify which bits are used and which bits are ignored. A wild card mask of 255.255.255.255 indicates that no bit is important. A wildcard of 0.0.0.0 indicates that all the bits are important. For example, if the source IP address is 149.36.184.198 and the wildcard mask is 255.36.184.00, the first eight bits of the IP address are ignored, while the last eight bits are used.
Add to List Click this button to save the IP address and Wildcard Mask. The information will appear in the list at the bottom of the screen.
The bottom portions of both the Web IP Filtering and SNMP IP Filtering sections displays the current IP access list, where each entry consists of an IP Address and Wildcard Mask. To delete an entry from the list, select it and click Delete.
Click Save Settings to apply the changes, or Cancel Changes to cancel the changes.
30 |