Port security is giving me so much grief. I have allowed maximum of 2 mac addresses but for some reason I get several security violation syslog alerts throughout the day and these violations come from different mac addresses, while there is only one PC connected to this port Can someone explain me why would that happen and how do I avoid getting these alerts?
Here is my Port security configuration:
interface GigabitEthernet4/14
switchport
switchport access vlan 101
switchport mode access
switchport voice vlan 102
switchport port-security
switchport port-security maximum 2
switchport port-security aging time 2
switchport port-security violation restrict
speed 100
duplex full
spanning-tree portfast
Syslog message generated from device chicago-6513: May 8 16:05:34 chi-6513-10.mydomain.com 18804: May 8 16:05:32.192: %PORT_SECURITY-SP-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 5854.5330.3920 on port GigabitEthernet4/14.
Syslog message generated from device chi-6513-10: May 8 14:59:37 Chicago-6513.mydomain.com 18803: May 8 14:59:35.268: %PORT_SECURITY-SPSTBY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 5853.4430.3641 on port GigabitEthernet4/14.
Syslog message generated from device Chicago-6513: May 8 14:34:41 Chicago-6513.mydomain.com 18799: May 8 14:34:39.399: %PORT_SECURITY-SPSTBY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 001a.4644.5854 on port GigabitEthernet4/14.
#show port-security interface gigabitEthernet 4/14
Port Security : Enabled
Port Status : Secure-up
Violation Mode : Restrict
Aging Time : 2 mins
Aging Type : Absolute
Maximum MAC Addresses : 2
Total MAC Addresses : 1
Configured MAC Addresses : 0
Sticky MAC Addresses : 0
Last Source Address : 001a.a04f.7763
Last Source Address VlanId : 101
Security Violation Count : 6