Security Suite
IP Source Guard
SPS208G/SPS224G4/SPS2024 Service Provider Switches User Guide 151
8
• If a port is trusted, filtering of static IP addresses can be configured, although
IP Source Guard is only active when the port is untrusted.
• If a port’s status changes from untrusted to trusted, the static IP address
filtering entries remain but become inactive.
The
IP Source Guard Screen
allows network managers to enable the use of IP
Source Guard on the device. IP Source Guard must be enabled for the device
before it can be enabled on individual ports or LAGs. The
IP Source Guard Screen
is divided into the following sections:
• IP Source Guard Global Settings — Enabling or disabling IP Source Guard
on the device.
• IP Source Guard Interface Table — Enabling IP Source Guard on DHCP
Snooping untrusted interfaces. this permits the transmission of DHCP
packets allowed by DHCP Snooping. If source IP address filtering is
enabled, packet transmission is permitted as follows:
-
IPv4 traffic
— Only IPv4 traffic with a source IP address that is
associated with the specific port is permitted.
-
Non IPv4 traffic
— All non-IPv4 traffic is permitted.
To Next Page
Loading...
Need help?
General
