Port security on Cisco 6513

Unanswered Question
May 11th, 2009

Port security is giving me so much grief. I have allowed maximum of 2 mac addresses but for some reason I get several security violation syslog alerts throughout the day and these violations come from different mac addresses, while there is only one PC connected to this port Can someone explain me why would that happen and how do I avoid getting these alerts?

Here is my Port security configuration:

interface GigabitEthernet4/14

switchport

switchport access vlan 101

switchport mode access

switchport voice vlan 102

switchport port-security

switchport port-security maximum 2

switchport port-security aging time 2

switchport port-security violation restrict

speed 100

duplex full

spanning-tree portfast

Syslog message generated from device chicago-6513: May 8 16:05:34 chi-6513-10.mydomain.com 18804: May 8 16:05:32.192: %PORT_SECURITY-SP-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 5854.5330.3920 on port GigabitEthernet4/14.

Syslog message generated from device chi-6513-10: May 8 14:59:37 Chicago-6513.mydomain.com 18803: May 8 14:59:35.268: %PORT_SECURITY-SPSTBY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 5853.4430.3641 on port GigabitEthernet4/14.

Syslog message generated from device Chicago-6513: May 8 14:34:41 Chicago-6513.mydomain.com 18799: May 8 14:34:39.399: %PORT_SECURITY-SPSTBY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 001a.4644.5854 on port GigabitEthernet4/14.

#show port-security interface gigabitEthernet 4/14

Port Security : Enabled

Port Status : Secure-up

Violation Mode : Restrict

Aging Time : 2 mins

Aging Type : Absolute

Maximum MAC Addresses : 2

Total MAC Addresses : 1

Configured MAC Addresses : 0

Sticky MAC Addresses : 0

Last Source Address : 001a.a04f.7763

Last Source Address VlanId : 101

Security Violation Count : 6

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
nawas Mon, 05/11/2009 - 11:26

I think I posted this message in the wrong forum, I will move it to LAN/WAN.

Sorry about that.

Actions

This Discussion