Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
505
Views
0
Helpful
2
Replies

IP Telephony: port-security with voice vlan "Sticky"

Go to solution
kfarrington
Level 3
Level 3

‎08-08-2007 12:04 AM - edited ‎03-05-2019 05:46 PM

Hello all,

I have the following :

Why does the Cisco 7960 phone NOT put a sticky mac address automatically under the switchport, just the PC does?

It seems to work, but am not sure why.

Also, I dont require "maximum macs" to be set to 3 do I? Like when you use Avaya?

Many thx indeed,

Ken

!

interface FastEthernet1/0/10

description IP Phone with desktop connected

switchport access vlan 10

switchport mode access

switchport voice vlan 20

switchport port-security

switchport port-security maximum 2

switchport port-security mac-address sticky

switchport port-security mac-address sticky aaaa.bbbb.cccc

no ip address

duplex full

speed 100

priority-queue out

no mdix auto

switch#sh mac-address-table int fa 1/0/10

Mac Address Table

-------------------------------------------

Vlan Mac Address Type Ports

---- ----------- -------- -----

10 aaaa.bbbb.cccc STATIC Fa1/0/10

20 dddd.eeee.ffff STATIC Fa1/0/10

Total Mac Addresses for this criterion: 2

switch#

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jagdeep Gambhir
Level 10
Level 10

‎08-08-2007 05:40 AM

Hi Ken,

When a voice VLAN is configured on a secure port that is also configured as a sticky

secure port, all addresses seen on the voice VLAN are learned as dynamic secure addresses,

and all addresses seen on the access VLAN (to which the port belongs) are learned as

sticky secure addresses.?

So the IP Phone?s MAC address would not be learned as sticky address.

Port Security Configuration Guidelines:

http://www.cisco.com/en/US/products/hw/switches/ps646/products_configuration

_guide_chapter09186a00802cb7c4.html#wp1038546

Hope that helps !

Regards,

~JG

Please rate helpful posts.

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Jagdeep Gambhir
Level 10
Level 10

‎08-08-2007 05:40 AM

Hi Ken,

When a voice VLAN is configured on a secure port that is also configured as a sticky

secure port, all addresses seen on the voice VLAN are learned as dynamic secure addresses,

and all addresses seen on the access VLAN (to which the port belongs) are learned as

sticky secure addresses.?

So the IP Phone?s MAC address would not be learned as sticky address.

Port Security Configuration Guidelines:

http://www.cisco.com/en/US/products/hw/switches/ps646/products_configuration

_guide_chapter09186a00802cb7c4.html#wp1038546

Hope that helps !

Regards,

~JG

Please rate helpful posts.

0 Helpful

Go to solution
kfarrington
Level 3
Level 3
In response to Jagdeep Gambhir

‎08-08-2007 07:34 AM

Hi there JG.

That is fantastic. many thx for your help. Thought I was going mad :))

Kindest regards,

Ken

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card