11-17-2008 01:07 PM - edited 03-06-2019 02:31 AM
Hi guys,
I am unable to remove a command from two of the switchports I have configured as part of an etherchannel (also trunk) to my core switch.
Please see below.
I cannot remove the port-security command
interface GigabitEthernet0/48
description TRUNK to SW001 M3-42 Gig 4/0/42
switchport port-security violation restrict
channel-protocol lacp
channel-group 1 mode active
spanning-tree portfast
spanning-tree link-type point-to-point
end
Any ideas why I cant and how I go about removing it?
Thanks
Darren
11-17-2008 01:17 PM
Try:
default switchport port-security
See if that works for you.
--John
11-17-2008 01:20 PM
It looks like the port-security command was configured before you configured them as members of an EtherChannel. Since port-security isn't compatible with EtherChannel the CLI doesn't accept port-security commands when the port is configured as part of an EtherChannel.
You need to remove the EtherChannel configuration first before it will let you remove the port-security commands. The best way to do this is to shut the physical interfaces down, remove the channel-group command, then remove the switcport port-security command, re-add the channel-group command and then do a no shut.
I have just tested this on a 3550 and I get the same behaviour as you.
HTH
Andy
11-17-2008 01:39 PM
Hi Andy,
Many thanks for your valuable input and also for those others who have posted.
As this is a production network I will attempt to make this change out of hours.
Appreciate your help and advice as always guys :)
Darren
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: