I was planning on using the SG 200-08 as a simple way to filter out all trafic but from two servers to some of my devices. The plan was to use port security and allow only the MAC-addresses of these servers on port 1.
1. I go to Security -> Port security and set Admin Mode: Enable to true. I apply the change
2. Then I set port 1 to locked, max 2 static addresses, max 0 dynamic addresses, Action on violation: Discard.
3. Then I go to MAC Address Tables -> Static addresses and add the two MAC-addresses I want to let thru. Status is set to Secure.
4. Copy Running Config to Startup Config.
This works well, but as soon as the switch is rebooted the Status field of the MAC-addresses entered in step 3 are changed from Secure to Permanent.
This effectively means the switch only does what I want till it is rebooted.
Does anyone know how to work around this problem or bug?
See attached picture for explanation if my text is not good enough.
just to be sure, after configuring Port Security, have you actually hit 'Apply' ? Copying the running to the startup configuration shouldn't be necessary...
Yes, of course I hit 'Apply'.
I add static mac address on port 1.
Lock port 1.
Then I tuned on PORT SECURITY.
Function working properly until I reboot the switch.
After reboot function 'PORT SECURITY' not working properly. I need OFF then ON function.
I have attached the SG-200 user guide, go to page 262, where the four port security modes are described. The first one, Classic Lock, is required...
I am using SG200-08.
I have attached the SG200-08 user guide, go to page 155, where the four port security modes are described.
This device does not have these settings (Type of Lock).
my bad, I looked at the wrong user guide for your model...:(
Either way, in 99 percent of the cases, these problems are caused by the firmware. Try to downgrade to a lower version such as 1,5, or 1.6, or 1.7. I have attached all three versions. There is no documentation unfortunately, so it is trial and error...
The files are renamed to .jpg because the system doesn't let us upload .stk files. Once you download the files, rename them to .stk files