SG2008P Port Security
I have a SG2008P in my Omada Controller where one of the ports is connected to an outdoor AP. I need to configure port security on this port to prevent anyone from plugging in. I don't see anything in the switch config on the controller but the manual says it supports port security. Does anyone know how to configure this?
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Amazing this is still not possible.
In 2022 this was already indicated as an inssue and it would be forwardedn to the R&D appartment.
Now it's 2025 and it is still not possible to do this in the controller interface.....
- Copy Link
- Report Inappropriate Content
Hi @someguy1234
Thanks for posting in our business forum.
Port Security is currently a proprietary function that is available in the standalone mode.
- Copy Link
- Report Inappropriate Content
@Clive_A Thanks for the reply. So you mean I have to disassociate it from my Omada controller? Why isn't it supported in the controller? Why did I spend 100 dollars on this switch only to use it in standalone mode?
- Copy Link
- Report Inappropriate Content
Hi @someguy1234
Thanks for posting in our business forum.
someguy1234 wrote
@Clive_A Thanks for the reply. So you mean I have to disassociate it from my Omada controller? Why isn't it supported in the controller? Why did I spend 100 dollars on this switch only to use it in standalone mode?
You are correct. Have to disassociate it from the controller.
Unfortunately, that's the case now. This feature was never added to the Controller mode. No such feature in Controller mode, and it does not support CLI configuration to enable it.
I think it could be a limitation on the Controller. Similar requests have been sent but this feature was not fulfilled ever since the Omada Controller was published.
- Copy Link
- Report Inappropriate Content
@Clive_A Thanks for the quick replies.
- Copy Link
- Report Inappropriate Content
Hi @someguy1234
Thanks for posting in our business forum.
someguy1234 wrote
@Clive_A Thanks for the quick replies.
Noticed someone suggested MAC address learning on Reddit. Will that work for you? MAC learning might be an alternative to doing what you want.
Set the MAC-learned address count to 1 and connect your AP to it. It should only allow this single device to get the Internet.
- Copy Link
- Report Inappropriate Content
you can look at this link, i used it for a while but then it stopped working at some point and i haven't gotten it to work again, but it's possible i did something wrong somewhere. i haven't spent much time on it.
what is not stated in this link is that you have to set 802.1X Control to auto on the switch port otherwise all devices will connect.
nice if you test and give feedback, for me it doesn't work anymore,
https://community.tp-link.com/en/business/forum/topic/714314
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
Amazing this is still not possible.
In 2022 this was already indicated as an inssue and it would be forwardedn to the R&D appartment.
Now it's 2025 and it is still not possible to do this in the controller interface.....
- Copy Link
- Report Inappropriate Content
@MarcelvE haha yeah. I saw that discussion but couldn't believe it was still an issue. What does RnD do all day?
- Copy Link
- Report Inappropriate Content
@MR.S That method sort of worked. The authentication on the port worked and in testing unauthorized devices were blocked just like I wanted. But the switch would drop off the network after a bit. Logs said something about the uplink port being blocked. And even though testing showed it was functioning correctly, the port that was set for RADIUS authentication would be apparently randomly be blocked too. Ping tests would randomly fail. Rebooting the switch would fix it until a few minutes later when it would happen again. Very weird. Disabiling the whole RADIUS port auth fixed these random issues.
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 460
Replies: 10
Voters 0
No one has voted for it yet.