-when one worker connect its pc in one port of the switch, the switch validate the mac in a bbdd of autorized macs. If the mac it is okey, the switch put this port (where the worker is connected) in vlan1, if it is not a autorized mac, then the switch must configure/asign to this port the vlan 3.
From the scenario you have described, it seems that you want to configure Port Security.
1. On the web-GUI, go to Security > Traffic Control > Port Security > Static MAC address. Under Port List, select your desired port in the Interface Field. Then, enter the corresponding MAC Address in the Static MAC Address field and select the corresponding VLAN ID. Then, click Add.
As reference, read page 15-5 of the GSM7224v2 Software Administration Manual Release 8.0 here.
2. Configure Port Security. Read pages 15-2 to 15-3 of the GSM7224v2 Software Administration Manual Release 8.0 here
Let me share this old forum thread here. Although a different NETGEAR switch model was used in the old forum thread, it might still help as your guide.
If ever your concern has been addressed or resolved, I encourage you to mark the appropriate reply as the “Accepted Solution” so others can be confident in benefiting from the solution. The NETGEAR Community looks forward to hearing from you and being a helpful resource in the future!
1. we connect a pc to the network, for example, port 1 in the switch
2.the switch asked the ¿external or internal? macs bbdd if this pc mac is in the bbdd.
3.the switch now know if this pc mac is in the bbdd
4.the switch assign vlan untagged to this port 1. If pc mac is in bbdd, the switch assign a vlan id X to this port 1. If pc mas is not in bbdd, the switch assign another vlan id Y to this port 1.
I am not sure if mac bbdd... may be in the switch... or this is a external equipment. For us, it does not matter. External?
Is the MAC BBDD in your network diagram the RADIUS server? If yes, kindly read the articles below and this might help you configure the GSM7224v2 switch:
@DaneA These examples are username/password based VLAN associations - not what the OP is looking for.
In continuation of these examples above. one might want to add a catch-all VLAN if a user resp. a system doesn't succeed with the username/password, so the system is put on a VLAN used for guest, for a staging environment, ...
Now the username/password authentication from the examples must be changed to pure MAC address check, e.g in a RADIUS.
I am not looking for validate with user/password,... i am looking to validate via mac: So, if the mac (connected in one aleatory port of the switch) is okey/autorhired/is in the mac autorized bbdd--> vlan 1 to switch. If the mac is not in the mac autorized bbdd--> switch assign vlan 10
