Manualshelf

Operation Manual

ManualsBrandsTrapeze smart mobile ManualsSoftwareMobility System Software 7.3
61626364656667686970
VLAN Commands
VLAN Commands
6 – 73
communicate directly to each other. To communicate with another client, the client must use one
of the specified default routers.
Syntax
set security l2-restrict vlan vlan-id
[mode {enable | disable}] [permit-mac mac-addr [mac-addr]]
Defaults
Layer 2 restriction is disabled by default.
Access
Enabled.
History
Introduced in MSS Version 4.1.
Usage
You can specify multiple addresses by listing them on the same command line or by
entering multiple commands. To change a MAC address, use the clear security l2-restrict
command to remove it, and then use the set security l2-restrict command to add the correct
address.
Restriction of client traffic does not begin until you enable the permitted MAC list. Use the mode
enable option with this command.
Examples
The following command restricts Layer 2 forwarding of client data in VLAN abc_air to
the default routers with MAC address aa:bb:cc:dd:ee:ff and 11:22:33:44:55:66:
MX# set security l2-restrict vlan abc_air mode enable permit-mac aa:bb:cc:dd:ee:ff
11:22:33:44:55:66
success: change accepted.
See Also
clear security l2-restrict on page 6-68
clear security l2-restrict counters on page 6-69
show security l2-restrict on page 6-80
set vlan name
Creates a VLAN and assigns a number and name to it.
Syntax
set vlan vlan-num name name
Defaults
VLAN 1 is named default by default. No other VLANs have default names.
Access
Enabled.
History
Introduced in MSS Version 1.0.
Usage
You must assign a name to a VLAN (other than the default VLAN) before you can add
ports to the VLAN.
It is recommended that you do not use the name default. This name is already used for VLAN 1. It
is also recommended that you do not rename the default VLAN.
vlan-id VLAN name or number.
mode
{enable | disable}
Enables or disables restriction of Layer 2 forwarding.
permit-mac mac-addr
[mac-addr]
MAC addresses to which clients are allowed to forward data at Layer 2. You can
specify up to four addresses.
vlan-num VLAN number. You can specify a number from 2 through 4093.
name String up to 16 alphabetic characters long.