Unable to remove command from switchport

Unanswered Question
Nov 17th, 2008
User Badges:

Hi guys,


I am unable to remove a command from two of the switchports I have configured as part of an etherchannel (also trunk) to my core switch.


Please see below.


I cannot remove the port-security command


interface GigabitEthernet0/48

description TRUNK to SW001 M3-42 Gig 4/0/42

switchport port-security violation restrict

channel-protocol lacp

channel-group 1 mode active

spanning-tree portfast

spanning-tree link-type point-to-point

end



Any ideas why I cant and how I go about removing it?


Thanks


Darren

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
John Blakley Mon, 11/17/2008 - 13:17
User Badges:
  • Purple, 4500 points or more

Try:


default switchport port-security


See if that works for you.


--John

andrew.butterworth Mon, 11/17/2008 - 13:20
User Badges:
  • Gold, 750 points or more

It looks like the port-security command was configured before you configured them as members of an EtherChannel. Since port-security isn't compatible with EtherChannel the CLI doesn't accept port-security commands when the port is configured as part of an EtherChannel.

You need to remove the EtherChannel configuration first before it will let you remove the port-security commands. The best way to do this is to shut the physical interfaces down, remove the channel-group command, then remove the switcport port-security command, re-add the channel-group command and then do a no shut.


I have just tested this on a 3550 and I get the same behaviour as you.


HTH


Andy

darren-carr Mon, 11/17/2008 - 13:39
User Badges:

Hi Andy,


Many thanks for your valuable input and also for those others who have posted.


As this is a production network I will attempt to make this change out of hours.


Appreciate your help and advice as always guys :)


Darren

Actions

This Discussion