also make sure u hard code it as max mac 10

thanks for the reply,

yes i have done it please find the conf below,

interface GigabitEthernet1/0/23

switchport access vlan 220

switchport mode access

switchport voice vlan 420

switchport port-security maximum 10

switchport port-security

storm-control broadcast level 20.00 15.00

storm-control action trap

spanning-tree portfast

did u get it working ?

by the way it dosent matter if u make the action shutdown or errordisable

this just an action

with error disable you can make it recoverautomaticaly after a while

while with shutdown action u have manuly reenable the port by issuing no shut

good luck

if helps rate

no, still i am facing the plb if i connect my fourth device it will down.after changeing the max mac to 10

after changing the config and save it have you tried to reload it ?

hi,

i didnt reload as becoz of the live env,

just one clarification, the port security changes will effect only after reloding the switch?

Just out of curiosity, are any of the machines running virtual servers (vmware,xen,etc.) in bridging mode?

Also, what is the output of your CAM ?

(taken from a 3560)

SER-N>sh mac address-table | include Gi0/1

48 0001.e62e.aa7e STATIC Gi0/1

48 000d.5616.1784 STATIC Gi0/1

48 000d.561f.b62b STATIC Gi0/1

48 000d.56ed.788b STATIC Gi0/1

48 0012.3fd6.f2e9 STATIC Gi0/1

48 0013.726a.b640 STATIC Gi0/1

48 0014.22ca.1484 STATIC Gi0/1

48 0014.3898.3be1 STATIC Gi0/1

48 0015.c537.88bf STATIC Gi0/1

48 0018.8ba6.d94d STATIC Gi0/1

48 0018.8bb9.4b79 STATIC Gi0/1

48 0018.8bc9.dca8 STATIC Gi0/1

48 0021.70a0.ddd4 STATIC Gi0/1

48 0021.70a3.e642 STATIC Gi0/1

SER-N#sh port-security

Secure Port MaxSecureAddr CurrentAddr SecurityViolation Security Action

(Count) (Count) (Count)

---------------------------------------------------------------------------

Gi0/1 20 15 598 Restrict

Gi0/2 1 0 0 Restrict

Gi0/3 1 0 0 Restrict

Another thought, are you using switchport port-security mac-address sticky?

Here is an example port conf w/o sticky

switchport mode access

switchport port-security maximum 20

switchport port-security

switchport port-security aging time 5

switchport port-security violation restrict

hi,

i am not using sticky, plz find conf below,

interface GigabitEthernet1/0/16

switchport access vlan 220

switchport mode access

switchport voice vlan 420

switchport port-security maximum 10

switchport port-security

switchport port-security violation restrict

storm-control broadcast level 20.00 15.00

storm-control action trap

spanning-tree portfast

!

Hi,

we are not using any vmware on any of the user PCs, please find the attached information from 3750 as requested

thanks

thanks for the reply,

i have made it shutdown,

NHQ-4F#sh port-security in gi1/0/23

Port Security : Enabled

Port Status : Secure-up

Violation Mode : Shutdown

Aging Time : 0 mins

Aging Type : Absolute

SecureStatic Address Aging : Disabled

Maximum MAC Addresses : 10

Total MAC Addresses : 1

Configured MAC Addresses : 0

Sticky MAC Addresses : 0

Last Source Address:Vlan : 001d.a290.9bdd:420

Security Violation Count : 0

With port security on; check that the mac addr is not also showing up on another port.

no,

i have give the command clear port-sec all,