- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
GS110TPV3 Device security on port level ?
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
GS110TPV3 Device security on port level ?
Hello everyone,
I have recently installed POE IP Camera’s outside of my home.
Leaving me with accessible network cables outside my primary hackers defense.
“The door” 😉
Now I am a little overwhelmed with all the terminology that I find in the manual for my GS110TPV3.
What could I use to make sure that only the camera is able to connect to the port it is on?
And prevent any unwanted network devices from getting on my network.
I can imagine there are more then one answers to this one. So do not spare me. I’ll read up on the solutions.
With kind regards,
Jurjen
Setup:
OPNSense router -> GS110TPV3 -> Camera
VLan’s can be used to come to a solution, although I have none at the moment.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: GS110TPV3 Device security on port level ?
8-Port Gigabit (PoE+) Ethernet Smart Managed Pro Switch with (2 SFP Ports and) Cloud Management Mode... p.384, Manage Port Security
Welcome to the Netgear Community!
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: GS110TPV3 Device security on port level ?
@schumaku Thanks for the link to the manual.
It does go into a little more depth on the ACL principles, although not a lot.
Eventually I came up with this one:
Go to Security -> ACL -> Basic and MAC ACL:
Create a placeholder name here. "AllowCameras"
Then go to MAC Rules... (The hard part)
Enter your device MAC adresses 1 at the time. But take note of the MAC Mask (I was not aware this existed)
First I followed the manual, and used 00:00:00:FF:FF:FF which splits up the MAC in the middle
EC:71:DB | 6C:85:C0
00:00:00 | FF:FF:FF
And it is just using the first 3 positions to allow on the ports. so 1 entry will work here for me.
But I changed it to 00:00:00:00:00:00 to make a unique set of 1 MAC Adress
After that you bind the rules to the ports you need them on.
in MAC Binding Configuration.
I do not have a clue what the difference between Unit1 Ports and LAG is.
But I’ll look at that tomorrow 😉
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: GS110TPV3 Device security on port level ?
LAG are link aggregation groups, combining two or more physical ports into a group. Without LAGs configured (no need to where no LAGs are in use to provide more bandwidth than what a single physical Ethernet link can provide), no need to mark random LAGs ... especially if these don't are neither configured, nor required.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: GS110TPV3 Device security on port level ?
@schumaku wrote:
8-Port Gigabit (PoE+) Ethernet Smart Managed Pro Switch with (2 SFP Ports and) Cloud Management Mode... p.384, Manage Port Security
p.348 I had in mind ... not an ACL config.