Home » ZyXEL Manuals » Networking » ZyXEL GS1910-24 » Manual Viewer

ZyXEL GS1910-24 User Guide - Page 45

Enabling Port Isolation

Get ZyXEL GS1910-24 PDF manuals and user guides

View all ZyXEL GS1910-24 manuals

Add to My Manuals
Save this manual to your list of manuals

Page 45 highlights

5 Click Save to save the settings to the Switch. Chapter 5 Tutorials 5.6.2 Enabling Port Isolation Follow the steps below to configure port isolation. 1 Click Configuration > Private VLANs > Port Isolation. 2 Select the check boxes of ports 2, 3 and 4, and click Save to add them to the isolated port list so that they cannot send traffic to each other. From port 2, 3, or 4, you should be able to access the device that attaches to port 25, such as a server or default gateway. 5.7 How to Use IP Source Guard and DHCP Snooping to Prevent Spoofed Traffic IP source guard uses a binding table to allow or block IP traffic in your network. When the Switch receives an IP packet, it looks up the appropriate MAC address, VLAN ID, IP address, and port number in the binding table. If there is a binding, the Switch forwards the packet. If there is not a binding, the Switch discards the packet. The Switch builds the binding table by snooping DHCP packets (dynamic bindings) and from information provided manually by administrators (static bindings). Use DHCP snooping to filter unauthorized DHCP packets on the network and to build the binding table dynamically. This can prevent clients from getting IP addresses from unauthorized DHCP servers. GS1910/XGS1910 Series User's Guide 45

Section	Page
GS1910/XGS1910 Series	1
Table of Contents	3
Getting to Know Your Switch	5
1.1 Introduction	5
1.1.1 Bridging Example	5
1.1.2 High Performance Switching Example	6
1.1.3 Gigabit Ethernet to the Desktop	7
1.1.4 IEEE 802.1Q VLAN Application Example	7
1.1.5 IPv6 Support	8
1.2 Ways to Manage the Switch	8
1.3 Good Habits for Managing the Switch	8
Hardware Installation and Connection	11
2.1 Freestanding Installation	11
2.2 Mounting the Switch on a Rack	12
2.2.1 Rack-mounted Installation Requirements	12
2.2.2 Attaching the Mounting Brackets to the Switch	12
2.2.3 Mounting the Switch on a Rack	13
Hardware Overview	15
3.1 Front Panel Connections	15
3.1.1 Ethernet Ports	17
3.1.2 Dual Personality Interfaces	18
3.1.3 SFP/SFP+ Slots	18
3.1.4 Console Port	20
3.2 Rear Panel	20
3.2.1 Power Connector	21
3.3 LEDs	22
The Web Configurator	25
4.1 Introduction	25
4.2 System Login	25
4.3 The Web Configurator Layout	26
4.3.1 Change Your Password	32
4.4 Switch Lockout	32
4.5 Logging Out of the Web Configurator	32
4.6 Help	32
Tutorials	33
5.1 How to Change Switch Management IP Address	33
5.2 How to Configure Login Accounts and Privilege Levels	34
5.3 How to Manage a Configuration File	36
5.3.1 Backing up a Configuration File	36
5.3.2 Restoring a Configuration File	37
5.4 How to Create a VLAN	38
5.4.1 Setting Port VID	39
5.5 How to Set Up a Guest VLAN with IEEE 802.1x Authentication	41
5.5.1 Creating a VLAN for Port which is not IEEE 802.1x enabled	41
5.5.2 Enabling IEEE 802.1x Port Authentication and Guest VLAN	42
5.6 How to Use Private VLAN to Do Port Isolation in a VLAN	44
5.6.1 Creating a Private VLAN	44
5.6.2 Enabling Port Isolation	45
5.7 How to Use IP Source Guard and DHCP Snooping to Prevent Spoofed Traffic	45
5.8 How to Use DHCP Relay on the Switch	48
5.8.1 Creating a VLAN	49
5.8.2 Configuring DHCP Relay	49
5.8.3 Troubleshooting	50
5.9 How to Use Link Aggregation to Group Multiple Ports into One Logical Link	50
5.9.1 Static Port Trunking	50
5.9.2 Dynamic Port Trunking	51
5.10 How to Analyze Traffic Using Mirroring	52
5.10.1 Configuring Mirroring	53
5.10.2 Configuring Remote Port Mirroring	54
5.11 How to Use IGMP Snooping to Reduce Multicast Traffic Passing through your Switch	60
5.12 How to Configure Access Control List (ACL) for Packets Filtering	63
5.13 How to Reset the Switch via the Console Port	66
Troubleshooting	69
6.1 Power, Hardware Connections, and LEDs	69
6.2 Switch Access and Login	70
Legal Information	73

Match case Limit results 1 per page

Chapter 5 Tutorials

GS1910/XGS1910 Series User’s Guide

Click

Save

to save the settings to the Switch.

5.6.2

Enabling Port Isolation

Follow the steps below to configure port isolation.

Click

Configuration > Private VLANs > Port Isolation

Select the check boxes of ports 2, 3 and 4, and click

Save

to add them to the isolated port list so

that they cannot send traffic to each other.

From port 2, 3, or 4, you should be able to access the device that attaches to port 25, such as a

server or default gateway.

5.7

How to Use IP Source Guard and DHCP Snooping to

Prevent Spoofed Traffic

IP source guard uses a binding table to allow or block IP traffic in your network. When the Switch

receives an IP packet, it looks up the appropriate MAC address, VLAN ID, IP address, and port

number in the binding table. If there is a binding, the Switch forwards the packet. If there is not a

binding, the Switch discards the packet.

The Switch builds the binding table by snooping DHCP packets (dynamic bindings) and from

information provided manually by administrators (static bindings).

Use DHCP snooping to filter unauthorized DHCP packets on the network and to build the binding

table dynamically. This can prevent clients from getting IP addresses from unauthorized DHCP

servers.