TP-Link TL-SG5428 TL-SG5428 V1 CLI Reference Guide - Page 112
Address Commands, bridge address port-security
View all TP-Link TL-SG5428 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 112 highlights
Chapter 20 Address Commands Address configuration can improve the network security by configuring the Port Security and maintaining the address information by managing the Address Table. bridge address port-security Description The bridge address port-security command is used to configure port security. To return to the default configuration, please use no bridge address port-security command. Port Security is to protect the switch from the malicious MAC address attack by limiting the maximum number of the MAC addresses that can be learned on the port. The port with Port Security feature enabled will learned the MAC address dynamically. When the learned MAC address number reaches the maximum, the port will stop learning. Therefore, the other devices with the MAC address unlearned can not access to the network via this port. Syntax bridge address port-security [max-number {num}] [ mode {dynamic | static | permanent} ] [ status {disable | enable} ] no bridge address port-security Parameter num -- The maximum number of MAC addresses that can be learned on the port. It ranges from 0 to 1024. By default this value is 1024. mode -- Learn mode for MAC addresses. There are three modes, including Dynamic mode, Static mode and Permanent mode. When Dynamic mode is selected, the learned MAC address will be deleted automatically after the aging time. When Static mode is selected, the learned MAC address will be out of the influence of the aging time and can only be deleted manually. The learned entries will be cleared after the switch is rebooted. When permanent mode is selected, the learned MAC address will be out of the influence of the aging time and can only be deleted manually too. However, the learned entries will be saved even the switch is rebooted. status -- Enable or disable the Port Security function for a specified port. By default, this function is disabled. 100