
M4300 Remove Port MAC Address

tik0
Tutor

M4300 Remove Port MAC Address

I am using an M4300 switch as a simple layer-2 switch in an enterprise infrastructure. I just use the 10GBit port as uplink to the infrastructure and some other 1GBit ports for my devices. Unfortunately, all ports on the switch have a MAC address (can be investigated in the GUI via Switching->Ports->Port Description). This MAC is detected by the infrastructure as a security violation and thus, the uplink is blocked. Therefore, my devices can no longer access/authenticate to the infrastructure.

Is there a way to remove/change the MAC address from the M4300's ports, the possibility to use the switch as a native Layer-2 switch, or to suppress the MAC advertisement of the switch?
Message 1 of 6


All Replies
Hopchen
Prodigy

Re: M4300 Remove Port MAC Address

Hi @tik0

 

Netgear switches do not allow you to change the MAC address on the ports. All the ports will always have the same MAC (the switch MAC addr). As you mention, this should be irrelevant if the switch is simply doing layer 2 forwarding.

 

The switches are set to advertise information via LLDP. You can turn that off:
System > LLDP > Interface Configuration > Set "Transmit" and "Receive" to Disable on all ports (or at least the uplink port) and click "Apply".

 

However, this might not solve everything as this will not stop the switch from sending things like broadcasts. For example, if you access the GUI of the switch from your PC --> the PC and switch will regularly update their ARP cache and that happens via broadcasts. This might trigger the security check in your infrastructure.

 

But, try the above to begin with. If you need the switch to be completely silent - there are ways. I am thinking some tinkering could be done with MAC ACLs on the uplink. Anyway, let's first see how turning off LLDP advertisement goes.


Cheers!

Message 2 of 6
tik0
Tutor

Re: M4300 Remove Port MAC Address

Thanks for the hint. I've inspected the packets via Wireshark to see what is going on on the switch port if I insert a cable. I saw CDP (Cisco Discovery Protocol) frames occurring periodically. In fact, disabling LLDP was not the cure.
I've disabled ISDP (Industry Standard Discovery Protocol), which made the periodic CDP frames disappear.
Now everything works as expected!

 

BTW: ISDP is not described in the manual?!?

 

Message 3 of 6
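The diagnosis described in the post above (LLDP disabled, CDP frames still leaving the port) can be reproduced offline by classifying captured frames by discovery protocol and source MAC. This is an added example, not part of any post in this thread; it assumes frames are available as raw Ethernet bytes, and the sample frames and MAC addresses are constructed placeholders.

```python
import struct

LLDP_ETHERTYPE = 0x88CC
CDP_DST = bytes.fromhex("01000ccccccc")       # multicast address CDP frames are sent to
CDP_SNAP = bytes.fromhex("aaaa0300000c2000")  # LLC/SNAP header: OUI 00:00:0c, PID 0x2000

def fmt_mac(raw):
    return ":".join(f"{b:02x}" for b in raw)

def classify(frame):
    """Return (protocol, source MAC); protocol is None for non-discovery frames."""
    if len(frame) < 14:
        return None, None
    dst, src = frame[0:6], fmt_mac(frame[6:12])
    (type_len,) = struct.unpack("!H", frame[12:14])
    payload = frame[14:]
    if type_len == 0x8100 and len(frame) >= 18:  # step over an 802.1Q VLAN tag
        (type_len,) = struct.unpack("!H", frame[16:18])
        payload = frame[18:]
    if type_len == LLDP_ETHERTYPE:
        return "LLDP", src
    # CDP uses 802.3 framing: the field is a length (<= 1500) followed by LLC/SNAP
    if type_len <= 1500 and dst == CDP_DST and payload[:8] == CDP_SNAP:
        return "CDP", src
    return None, src

def discovery_talkers(frames):
    """Map each source MAC to the set of discovery protocols it transmitted."""
    seen = {}
    for frame in frames:
        proto, src = classify(frame)
        if proto:
            seen.setdefault(src, set()).add(proto)
    return seen

# Constructed sample frames (not captured from a real M4300); MACs are placeholders.
SWITCH = bytes.fromhex("020000000001")
PC = bytes.fromhex("020000000002")
LLDP_FRAME = bytes.fromhex("0180c200000e") + SWITCH + b"\x88\xcc" + b"\x02\x07\x04" + SWITCH
CDP_BODY = CDP_SNAP + b"\x02\xb4\x00\x00"     # CDP version 2, TTL 180, checksum left zero
CDP_FRAME = CDP_DST + SWITCH + struct.pack("!H", len(CDP_BODY)) + CDP_BODY
ARP_FRAME = b"\xff" * 6 + PC + b"\x08\x06" + bytes(28)

if __name__ == "__main__":
    for mac, protos in discovery_talkers([LLDP_FRAME, CDP_FRAME, ARP_FRAME]).items():
        print(mac, sorted(protos))
```

Running it over a capture taken after each configuration change shows which protocol still exposes the switch MAC on the uplink.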
Hopchen
Prodigy

Re: M4300 Remove Port MAC Address

Hi again,

 

From where (what menu) did you disable the ISDP? Thanks!

Message 4 of 6
tik0
Tutor

Re: M4300 Remove Port MAC Address

System -> ISDP -> Global Configuration -> Admin Mode: Change to "Disable"

Message 5 of 6
Hopchen
Prodigy

Re: M4300 Remove Port MAC Address

Thanks @tik0

 

You have a valid point here. I will bring this up internally. Cheers for the feedback!

Message 6 of 6