F3726, F3211, F3174, R5135, R3816-HP Firewalls and UTM Devices Network Management Configuration Guide-6PW100
51
403BSetting the aging time for MAC address entries
1. Select Network > MAC > Configuration from the navigation tree.
The page shown in
2192HFigure 33 appears.
Figure 33 Setting the aging time for MAC address entries
2. Set the aging time for MAC address entries.
If you select No-aging, MAC address entries do not age out.
3. Click Apply.
404BMAC address table configuration example
1103BNetwork requirements
The MAC address of Host A, which is connected to GigabitEthernet 0/1 of the device and belongs to
VLAN 1, is 000f-e235-dc71. The MAC address of Host B, which belongs to VLAN 1, is 000f-e235-abcd.
To prevent MAC address spoofing, add a static entry into the MAC address table of the device for Host
A.
Because Host B once behaved suspiciously on the network, you can add a destination blackhole MAC
address entry for the MAC address to drop all packets destined for the host for the sake of security.
Set the aging time for dynamic MAC address entries to 500 seconds.
Figure 34 Network diagram
1104BConfiguring Firewall
Before making the following configurations, check whether GigabitEthernet 0/1 operates in router mode.
If yes, change its operating mode to bridge mode. To do that, select Device Management > Interface
from the navigation tree, and then find and select GigabitEthernet 0/1 to configure it accordingly. In
addition, specify the security zone to which GigabitEthernet 0/1 belongs.