Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1510
Views
0
Helpful
1
Replies

Port-Security not incrementing Violation counters??

bprinski
Level 1
Level 1

‎05-07-2008 05:44 PM - edited ‎03-05-2019 10:49 PM

Hello, My switch is logging port security violations but when I look at the counters it is not incrementing?

May 7 07:07:30 UTC: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 0011.85ba.63f6 on port GigabitEthernet5/22.

May 7 07:16:27 UTC: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 0011.85ba.63f6 on port GigabitEthernet5/22.

May 7 07:28:30 UTC: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 0011.85ba.63f6 on port GigabitEthernet5/22.

May 7 07:43:27 UTC: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 0011.85ba.63f6 on port GigabitEthernet5/22.

May 7 07:49:30 UTC: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 0011.85ba.63f6 on port GigabitEthernet5/22.

May 7 07:52:30 UTC: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 0011.85ba.63f6 on port GigabitEthernet5/22.

May 7 08:07:30 UTC: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 0011.85ba.63f6 on port GigabitEthernet5/22.

May 7 08:40:27 UTC: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 0011.85ba.63f6 on port GigabitEthernet5/22.

May 7 08:46:30 UTC: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 0011.85ba.63f6 on port GigabitEthernet5/22.

May 7 08:49:30 UTC: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 0011.85ba.63f6 on port GigabitEthernet5/22.

May 7 08:52:30 UTC: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 0011.85ba.63f6 on port GigabitEthernet5/22.

May 8 00:17:30 UTC: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 0011.85ba.63f6 on port GigabitEthernet5/22.

May 8 00:35:30 UTC: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 0011.85ba.63f6 on port GigabitEthernet5/22.

May 8 01:26:30 UTC: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 0011.85ba.63f6 on port GigabitEthernet5/22.

Switch# sho clo

01:42:52.508 UTC Thu May 8 2008

Switch# sho port-security interface g5/22

Port Security : Enabled

Port Status : Secure-up

Violation Mode : Restrict

Aging Time : 2 mins

Aging Type : Absolute

SecureStatic Address Aging : Disabled

Maximum MAC Addresses : 1

Total MAC Addresses : 1

Configured MAC Addresses : 0

Sticky MAC Addresses : 0

Last Source Address : 0011.85ba.63f7

Security Violation Count : 4

Labels:
0 Helpful
1 Reply 1

tstanik
Level 5
Level 5

‎05-13-2008 06:07 AM

If a machine moves ports, but the old port is not cleared. Mean if you turn off port security and the mac-address sticky on the old port, it will allow you to "unlock" the new port and grab the stick address without restricting the new port. Once the new port is live, you can turn port security back on the old port.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card