Community discussions

 
tesme33
newbie
Topic Author
Posts: 48
Joined: Mon May 26, 2014 10:25 pm

CRS326 Port security

Wed Jun 05, 2019 7:20 pm

Hi
is there any way to get the port security as described here for the CRS1xx/CRS2xx
https://wiki.mikrotik.com/wiki/Manual:C ... s_per_Port
also on a CRS326-24G-2S+ working?

Or do we need to wait and hope for SwOS 3 ?


Thx
 
User avatar
k6ccc
Member
Member
Posts: 479
Joined: Fri May 13, 2016 12:01 am
Location: Glendora, CA, USA (near Los Angeles)

Re: CRS326 Port security

Wed Jun 05, 2019 8:05 pm

Off hand, I don't see a way to specify a MAC on a specific port, but you can enable port lock which locks the port to the first MAC that is connected. See the Forwarding tab.
RB750Gr3, RB750r2, CRS326-24G-2S (in SwitchOS), CSS326-24G-2S, CSS106-5G-1S, RB260GS
Not sure if I beat them in submission, or they beat me into submission


Jim
 
tesme33
newbie
Topic Author
Posts: 48
Joined: Mon May 26, 2014 10:25 pm

Re: CRS326 Port security

Thu Jun 06, 2019 7:19 am

Hi
thanks for the idea. but i have more then one MAC behind this port. Im thinking to get an hAP lite just as a bridge connected and define bridge filter rules on that box.
I know not very elegant but it might work.
Assuming that the hAP is also "just" a bridge. Would the filter then just be appplied to the forward chain or would i need to assign it also to the bridge or port itself ?
so i would implment:
0   chain=forward action=accept src-mac-address=00:06:98:01:1F:A1/FF:FF:FF:FF:FF:FF log=no
     log-prefix=""

 1   chain=forward action=accept dst-mac-address=00:06:98:01:1F:A1/FF:FF:FF:FF:FF:FF log=no
     log-prefix=""
and so on or all MACs
And the last statement would be to block everything.

Correct ?
 
User avatar
k6ccc
Member
Member
Posts: 479
Joined: Fri May 13, 2016 12:01 am
Location: Glendora, CA, USA (near Los Angeles)

Re: CRS326 Port security

Thu Jun 06, 2019 7:30 am

Never used a bridge, so can't help you there. However your firewall rules look OK - I think.
RB750Gr3, RB750r2, CRS326-24G-2S (in SwitchOS), CSS326-24G-2S, CSS106-5G-1S, RB260GS
Not sure if I beat them in submission, or they beat me into submission


Jim

Who is online

Users browsing this forum: No registered users and 3 guests