NETGEAR FSM7328SNA Administration Manual page 286

NETGEAR Managed Switches Software Administration Manual, Release 8.0
• When link goes down, all dynamically locked addresses are 'freed'
• If a specific MAC address is to be set for a port, set the dynamic entries to 0, then only allow packets
with a MAC address matching the MAC address in the static list
• Dynamically locked MAC addresses are aged out if another packet with that address is not seen within
the age-out time. The user can set the time-out value.
• Dynamically locked MAC addresses are eligible to be learned by another port
• Static MAC addresses are not eligible for aging
• Dynamically locked addresses can be converted to statically locked addresses
Set the Dynamic and Static Limit on the Port 1/0/1
The example is shown as CLI commands and as a Web interface procedure.
CLI: Setting the Dynamic and Static Limit on the Port 1/0/1
(Netgear Switch) (Config)#port-security
Enable port-security globally
(Netgear Switch) (Config)#interface 1/0/1
(Netgear Switch) (Interface 1/0/1)#port-security
Enable port-security on port 1/0/1
(Netgear Switch) (Interface 1/0/1)#port-security max-dynamic 10
Set the dynamic limit to 10
(Netgear Switch) (Interface 1/0/1)#port-security max-static 3
Set the static limit to 3
(Netgear Switch) (Interface 1/0/1)#ex
(Netgear Switch) (Config)#ex
(Netgear Switch) #show port-security 1/0/1
Admin
Intf Mode
------ -------
1/0/1 Disabled
Web Interface: Setting the Dynamic and Static Limit on the
Port 1/0/1
1. To use the Web interface to enable port-security globally, proceed as follows:
a. From the main menu, select Security > Traffic Control >Port Security->Port Administrator. A
screen similar to the following displays.
15-2
Dynamic Static
Limit
----------
10
v1.0, October 2009
Violation
Limit Trap Mode
---------
3 Disabled
----------
Security Management