Example
Console# show management all-client
Management IP Filter
HTTP-Client:
Start IP address
192.168.1.19
192.168.1.25
SNMP-Client:
Start IP address
192.168.1.19
192.168.1.25
TELNET-Client:
Start IP address
192.168.1.19
192.168.1.25
Console#
5.13 Client Security Commands
This switch supports many methods of segregating traffic for clients attached to each of the data ports, and for ensuring that only
authorized clients gain access to the network. Private VLANs and port-based authentication using IEEE 802.1X are commonly
used for these purposes. In addition to these methods, several other options of providing client security are described in this
section. These include port-based authentication, which can be configured to allow network client access by specifying a fixed
set of MAC addresses. The addresses assigned to DHCP clients can also be carefully controlled using static or dynamic
bindings with the IP Source Guard and DHCP Snooping commands.
Table 4-40 Client Security Commands
Command Group
Private VLANs
Port Security*
Port Authentication*
Network Access*
Web Authentication*
Access Control Lists*
End IP address
192.168.1.19
192.168.1.30
End IP address
192.168.1.19
192.168.1.30
End IP address
192.168.1.19
192.168.1.30
Function
Configures private VLANs, including uplink and downlink ports
Configures secure addresses for a port
Configures host authentication on specific ports using 802.1X
Configures MAC authentication and dynamic VLAN assignment
Configures Web authentication
Provides filtering for IP frames (based on address, protocol, TCP/UDP port
number or TCP control code) or non-IP frames (based on MAC address or
Ethernet type)
User's Manual of SGSD-1022 / SGSD-1022P
470
SGSW-2840 / SGSW-2840P