Switchport Security Issues

Unanswered Question
Oct 29th, 2009

We have been running switchport security on our campus environment without issue for the last year or so. Lately, we have had two issues that I cannot figure out. (We are running on Catalyst 3550s, IOS 12.1 (12c) EA1.)

1) We are getting security violations from what appear to be bogus MAC addresses. These happen (always, I think) when no one is on the computer, and the port always recovers on the first attempt. The MACs are usually consistently one of these two:

5258.5f55.55c5

5e55.3555.5556

2) Our desktop computers (all Dell) have recently gone through a refresh and some have randomly tripped port security with the Dell MAC address. I have to set it to "max 2", even though the mac-address table only sees one MAC. But... show port-security interface f0/25 says, "Total MAC addresses : 2"

help!!!

Thanks in advance.

justbailey Thu, 10/29/2009 - 06:35

Will,

Thanks for the reply. I have read this thread and it may be a driver issue. But all (all that I have checked) of the refreshed computers are using the same driver and only a small percentage have given us problems. But it has happened enough to cast doubt on the port security implementation:(

thanks,

Justin

iyde Thu, 10/29/2009 - 09:09

Justin,

Apart from checking for newer drivers for the NIC, you might consider upgrading your switch IOS as well, as it is a very old version you are running. I'd suggest the newest (and last?) for 3550 switches, i.e. 12.2(44)SE6. It will for sure have a lot of bug fixes and probably also some nice new features.

HTH, Ingolf

justbailey Thu, 10/29/2009 - 10:49

iyde,

thanks,

We have been hesitant to upgrade IOS's on a large scale because we are not always sure what updates we are entitled to; the update/upgrade process is a bit cryptic with Cisco!! I will look into it.

Thanks!
