D-Link Forums

The Graveyard - Products No Longer Supported => Hubs and Switches => DGS-1224T => Topic started by: jimmiec8 on June 23, 2016, 11:42:42 AM

Title: Port Security DGS-1210-28
Post by: jimmiec8 on June 23, 2016, 11:42:42 AM

Sorry to cross post, but I realized my first post was in the wrong area. Can anyone tell me the proper way to setup port security on my DGS-1210-28 switch? I have all of my MAC addresses defined in the static MAC table. I enabled port security on all ports and assigned them the Max number of Learning addreses that are needed, (most of them just 1) . The problem I have is that when I test my security with a laptop that is not in my static MAC address table it still is able to connect with no problem. Should the ports that have static MAC addresses already assigned be set to Zero Learning addresses in Port Security?

Title: Re: Port Security DGS-1210-28
Post by: FurryNutz on June 23, 2016, 11:52:16 AM

You might check the ref manual on this on page 52 and see if you have everything configured correctly. I don't have much experience with smart switches. I can possibly get some additional help on this if needed.

Title: Re: Port Security DGS-1210-28
Post by: jimmiec8 on June 23, 2016, 12:58:10 PM

Quote from: FurryNutz on June 23, 2016, 11:52:16 AM

You might check the ref manual on this on page 52 and see if you have everything configured correctly. I don't have much experience with smart switches. I can possibly get some additional help on this if needed.

Thanks, but I have read it over and over :)

Title: Re: Port Security DGS-1210-28
Post by: FurryNutz on June 23, 2016, 12:59:51 PM

Ok, I'll see if we can get some additional eyes on this... ::)

Title: Re: Port Security DGS-1210-28
Post by: PacketTracer on June 23, 2016, 03:02:32 PM

Hi,

from reading the manual, the following list should be all you have to do:

In "Static MAC configuration"

• Set "Disable auto learning on ports other than the uplink ports configured below" to "On"
• In the line "Uplink Port" uncheck all ports, you want to be protected (Unchecking = NO Uplink Port = auto learning will be disabled)
• Enter the Static MAC Address List

If my understanding is right, the clause "To initiate the removal of auto-learning for any of the uplink ports, click On to enable this feature, and then select the port(s) for autolearning to be disabled" in the manual is misleading. It should say  "To initiate the removal of auto-learning for any of the non-uplink ports, click On to enable this feature, and then uncheck the port(s) for autolearning to be disabled" instead.

If auto learning is disabled this way, the settings for "port security" should be irrelevant because they depend on auto learning being enabled. I would reset these settings to defaults (Admin State = Disabled for any port).

PT