- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
Re: Need to secure a GS110TP switch
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi all
We just got a GS110TP managed switch. We need it to recognize only a set of network devices and drop the rest. Trying to set MAC filtering but for some reason its not working and all devices are working. To put you in the picture we connected 5 PCs to the switch on Ports 1-5....we just need PCs on port 1 and 2 to work....the PCs on port 3-5 should not be able to connect.
What might we be missing?
Thanks all
Solved! Go to Solution.
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I just want to follow-up on this. Were you able to access the article I've shared and used it as your reference guide? Also, were you able to try to configure Port Security on your GS110TP switch?
Regards,
DaneA
NETGEAR Community Team
All Replies
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Need to secure a GS110TP switch
Hello ramram,
Welcome to the community!
The best way is configuring MACL ACL, see page 210 of the user manual. It will help you with using the ACL wizard and makes sure that the MAC rules are defined to your specifications. What firmware version are you using by the way?
Thanks,
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Need to secure a GS110TP switch
It's 5.4.2.22
I still cant manage :((
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Need to secure a GS110TP switch
Hi ramram,
You can contact out support team so they can walk you through with creating MAC ACL. They should be able to guide you through.
Thanks,
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Need to secure a GS110TP switch
Hi ramram,
Were you able to talk to support regarding this one?
Thanks,
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Need to secure a GS110TP switch
Yes still lost though...
What I need is this setup:
- I WISH TO BE ABLE TO SET SWITCH TO 'RECOGNIZE' ONLY 2 COMPUTERS BY MAC. THESE 2 COMPUTERS SHOULD WORK ON ALL PORTS.
- IF I CONNECT OTHER PCs THEY SHOUDNT WORK ON ALL PORTS.
Cant get it to work 😞
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Need to secure a GS110TP switch
Hi ramram,
Welcome to the Community!
I think it it possible for you to achieve the goal by mac acl. Try with following steps
1. Go to "ACL>ACL Wizard", select "ACl Based on Source MAC"
2. Add rules
rule 1 Permit source mac **********/00:00:00:00:00:00 (input pc1's mac)
rule 2 Permit source mac **********/00:00:00:00:00:00 (input pc2's mac)
rule 3 Deny Match Every
3. On binging Configuration slect all ports.
You can also refer to the pic
Hope it helps
Carl
Netgear Employee
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Need to secure a GS110TP switch
Hi...I followed your instructions to the letter however ALL ports became unreachable when I mark them. I had to reset the switch and retry...
When I tried it the 2nd time I left two ports unmarked and they kept working whilst the other six ports became unactive....
What am I missing here?
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Need to secure a GS110TP switch
Hi ramram,
You are almost got success. We should change the " COS" ,and "EtherType key".
When you create Source MAC Address Rules Table, change "cos" and "EtherType Key" to blank by default they are 1 and ipv4. And config result is like this pic
Best Regards
Carl
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Need to secure a GS110TP switch
I give up
Did all you said to the letter, assigned all ports to the ACL, and the switch became unreachable!!
Isnt this supposed to be a bit easier?!
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Need to secure a GS110TP switch
Kindly access this article and use it as your reference guide in setting up MAC ACL.
Also, if you want to try to configure Port Security based on MAC Address, here are the steps:
1. On the web-GUI of the GS110TP switch, go to Switching > Address Table > Advanced > Static MAC Address.
2. Add a static MAC address entry.
a. Select the VLAN ID corresponding to the MAC address to add.
b. Specify the MAC address to add.
c. Specify the port associated with the MAC address.
d. Click Add.
Note: From steps 1-2, refer to pages 3-56 to 3-57 of the GS110TP user manual here.
3. On the web-GUI of the GS110TP switch, go to Security > Traffic Control, and then click the Port Security > Port Security Configuration.
4. Select Enable on Port Security Mode then click Apply.
5. On the web-GUI of the GS110TP switch, go to Security > Traffic Control, and then click the Port Security > Interface Configuration.
6. Specify the following settings:
a. Port Security. Enable or Disable the port security feature for the selected port. •
b. Max Allowed Dynamically Learned MAC. Sets the maximum number of dynamically learned MAC addresses on the selected interface. Valid range is 0–600.
c. Max Allowed Statically Locked MAC. Sets the maximum number of statically locked MAC addresses on the selected interface. Valid range is 0–20.
d. Enable Violation Traps. Enables or disables the sending of new violation traps designating when a packet with a disallowed MAC address is received on a locked port.
7. Click Apply.
Note: From steps 3-7, refer to pages 5-37 to 5-40 of the GS110TP user manual here.
Let me share this forum link here since its similar to your goal.
Hope it helps.
Regards,
DaneA
NETGEAR Community Team
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I just want to follow-up on this. Were you able to access the article I've shared and used it as your reference guide? Also, were you able to try to configure Port Security on your GS110TP switch?
Regards,
DaneA
NETGEAR Community Team
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Need to secure a GS110TP switch
yes i managed. the problem is that i was allocating all ports where in reality you should always like a vacant port for the uplink
thanks for your help
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Need to secure a GS110TP switch
Thanks for the update. I'm glad the problem is now resolved. 🙂
Since your concern has been resolved, I encourage you to mark the appropriate reply as the “Accepted Solution” so others can be confident in benefiting from the solution. The NETGEAR Community looks forward to hearing from you and being a helpful resource in the future!
Cheers,
DaneA
NETGEAR Community Team