- Community Home
- >
- Networking
- >
- Legacy
- >
- Switches, Hubs, Modems
- >
- Re: Port Security Command
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-21-2010 04:23 AM
тАО04-21-2010 04:23 AM
Port Security Command
Anyone used/configured this command?
I need that ONLY 3 PC's reach a Printer. So...I configured this on my 5406zl but doesn't work:
AAPP-CPD1(eth-D17)# show port-security d17
Port Security
Port : D17
Learn Mode [Continuous] : Configured
Address Limit [1] : 4
Action [None] : Send Alarm
Authorized Addresses
--------------------
001372-763426 (PC)
001aa0-cf12be (PC)
00206b-c020c3
003005-c2d124 (PC)
Doesn't work 'cause not only the 3 MACs reach the Printer but all the people can reach the printer.
The problem can be that I include the Printer's MAC on the Port-Security command?
The printer is connected in the D17 port.
Thanks a lot in advance and greetings from Spain.
Mariano.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-21-2010 12:32 PM
тАО04-21-2010 12:32 PM
Re: Port Security Command
port-security for connection security on switch or network
switch learn mac address or addresses on port and connect network
port-securtiy unable reachable or unreacable between host's
you need acl configuration
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-23-2010 01:46 AM
тАО04-23-2010 01:46 AM
Re: Port Security Command
I agree with Cenk; port-security definitively is the wrong feature to achiev the desired communication limitation.
I would consider either ACLs (as suggested by Cenk), or - if you want to do it on an OSI level below 3 - think about source-port filtering.
You will find ACL documentation at:
http://cdn.procurve.com/training/Manuals/3500-5400-6200-6600-8200-ASG-Mar10-10-ACLs.pdf
Source-port-filtering is described here:
http://cdn.procurve.com/training/Manuals/3500-5400-6200-6600-8200-ASG-Mar10-12-TrafficSecFilters.pdf
(With both links, I assume ProVision based switches [yl/zl series])
Regards,
Ralf
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-23-2010 02:18 AM
тАО04-23-2010 02:18 AM
Re: Port Security Command
Thanks for your answers.... but I've tried with ACLs but was impossible.... This is my ACL configured in a 5406zl:
10 permit ip 10.128.180.41 0.0.0.0 10.128.183.226 0.0.0.0
11 permit ip 10.128.180.105 0.0.0.0 10.128.183.226 0.0.0.0
20 permit ip 10.128.180.14 0.0.0.0 10.128.183.227 0.0.0.0
21 permit ip 10.128.180.12 0.0.0.0 10.128.183.227 0.0.0.0
40 permit ip 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255
And it was applied to the VLAN:
vlan 180
name "PCs Impresoras"
untagged B1-B17,B19-B24,C1-C12,D1,D3,D5,D7,D12-D13,D17
ip address 10.128.180.8 255.255.252.0
tagged Trk1-Trk5,Trk10
ip access-group "Firewall Impresoras" in
ip access-group "Firewall Impresoras" out
exit
What's wrong?
Many many thanks in advance for your answers & greetings from Madrid.
Mariano.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-23-2010 04:45 AM
тАО04-23-2010 04:45 AM
Re: Port Security Command
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-23-2010 04:56 AM
тАО04-23-2010 04:56 AM
Re: Port Security Command
Thanks a lot for your time and your patience. I send you a attached (TXT file) with the configuration of my 5406zl.
Thanks in advance.
Mariano.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-28-2010 12:22 AM
тАО04-28-2010 12:22 AM
Re: Port Security Command
Any news??
Thanks in advance...
Mariano.