Whether USG firewalls support MAC address learning restriction

14

The USG2000 and USG5000 support MAC address learning restriction.

Other related questions:
Method used to configure the MAC address learning restriction on USG firewalls
The MAC address learning restriction indicates a function of configuring rules for restricting the dynamic MAC address learning. This function is applicable to a network that supports user access but is not safe enough, for example, a cell access network or an enterprise intranet that is lack of security management. When the number of accessed user reaches a limit, the MAC addresses of new accessed users are not learned, and packets from these users are discarded. Before configuring the MAC address learning restriction, if a port has learned MAC addresses, run the undo mac-address dynamic command in the system view to clear these MAC addresses. Otherwise, the limit for the MAC address learning restriction becomes inaccurate. To configure the MAC address learning restriction, run the mac-limit { maximum max | action { discard | forward } } *, command in the L2 interface view.

Whether USG firewalls support static MAC address entries
The USG firewalls support static MAC address entries.

Whether USG firewalls support blackhole MAC address entries
The USG firewalls support blackhole MAC address entries.

Whether USG firewalls support dynamic MAC address entries
The USG firewalls support dynamic MAC address entries.

Whether USG firewalls support the aging time configured for MAC address entries
The USG2000 and USG5000 support the aging time configured for MAC address entries.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top