I am experimenting with port security.
I have configured a particular port secveral different ways. I have removed and added security several times.
I have a workstation and phone on this port.
Now when I try to put the config back to the original security config, I keep getting violations and the port shuts down.
The violation is occuring from the workstation on the port that has always been there.
I can only get the port to come up when I remove the security components.
I have tried dynamic, sticky and statically adding the mac address. When I add the address statically I get "duplicate address found"
Is it possible that the port is retaining some security components even though I have removed them?
When I remove the components, the port does not show up when I do "sh port-sec"
shown is the config and log, this config should allow dynamic addresses, but the workstation is violating and shutting down the port:
description Network_Eng PC
switchport access vlan 40
switchport mode access
switchport voice vlan 250
switchport port security
switchport port-security maximum 3
switchport port-security aging time 5
switchport port-security aging type inactivity
switchport port-security mac-address sticky
no ip address
wrr-queue cos-map 1 1 1
wrr-queue cos-map 1 2 0
wrr-queue cos-map 2 1 2 3 4 6 7
wrr-queue cos-map 2 2 5
mls qos trust cos
Nov 4 09:18:32.010: %PORT_SECURITY-SP-2-PSECURE_VIOLATION: Security violation
ccurred, caused by MAC address 0018.1234.4567 on port FastEthernet3/34.
Nov 4 09:18:32.010: %PM-SP-4-ERR_DISABLE: psecure-violation error detected on
a3/34, putting Fa3/34 in err-disable state
Nov 4 09:18:41.498: %C6K_POWER-SP-4-PD_NOLINKUP: The device connected to 3/34
s powered up but its link is not up in 5 seconds. Therefore, power is withdrawn
from the port.