We're trying to set up port security on our catalysts 4006 without success.
We want avoid external computers to be connected to our LAN sockets.
We have more than 200 machines, so we would prefer to avoid entering all the macs using the learnt option. For example, this is the command used to config port 3/25:
set port security 3/25 enable violation shutdown (by default, age = 0, macs allowed = 1)
When I patch a workstation into the port, it learns the mac and shows it as secure, but when I remove the workstation, a "show port
security" command shows no secure address. I can then patch a different workstation into the same port, and it learns the new machine's mac
As I understand it, the first machine's mac address should be learnt, and the port should be shut down when the second machine is patched in. That's the behaviour we're looking for.
I have tried setting the aging time, but the learnt mac disappears when we unplug the machine. Thanks in advance.