In this post we'll show how to lock down a port on a Zyxel GS1900 network switch to only allow traffic for specific MAC address. The Zyxel documentation is very lacking when it comes to the port security features so we figured we'd share these details in hopes that others could benefit from the time we put into getting this working. Here at the office we have one of these switches and a recent need arose to ensure that only some owned devices could plug into a port and get on the private network. Thus far the switch has been a great piece of equipment for the price, performs well, and met our minimal needs. I knew that it supported port security such as this but once logged into the web interface the options didn't make much sense at first. But after a little trial and error I figured it out and we now have a port secured to only allow two specific MAC addresses to connect to it.
For this example we'll assume that we have the following two devices/MAC addresses that we want to grant access for them to connect to port 8. In our scenario we have one physical device which is running a Virtual Box VM in Bridged Networking mode so the VM access the port just like any other device would. So we specify both the physical MAC and the MAC for the virtual machine's network card.
1. First, login to the web administration tool for your switch and navigate to the Configuration section in the left hand navigation as shown here: