Port Access Control - Hirschmann RS20 User Manual

Protection from unauthorized access

6.4 Port access control

6.4.1 Port access control
The device protects every port from unauthorized access. Depending on
your selection, the device checks the MAC address or the IP address of the
connected device.
The following functions are available for monitoring every individual port:
Who has access to this port?
The device recognizes 2 classes of access control:
All:
– no access restriction.
– MAC address 00:00:00:00:00:00 or
– IP address 0.0.0.0.
User:
– only one assigned user has access.
– you define the user via his/her MAC or IP address.
What should happen after an unauthorized access attempt?
The device can respond in three selectable ways to an unauthorized ac-
cess attempt:
non: no response
trapOnly: message by sending a trap
portDisable:message by sending a trap and disabling the port
Note: Since the device is a layer 2 device, it translates the IP addresses en-
tered into MAC addresses. For this, exactly one IP address must be assigned
to a MAC address.
Please keep in mind that when using a router, for example, several IP ad-
dresses can be assigned to one MAC address, namely that of the router. This
means that all packets of the router will pass the port unchecked if the per-
mitted IP address is that of the router.
If a connected device sends packets with other MAC addresses and a per-
mitted IP address, the device will disable the port.
Basic Configuration L2P
Release 4.2 07/08
6.4 Port access control
85