Hello, I'm trying to configure port-security on my switchports; our security policy is to prevent a user from overflowing the CAM table, but we don't care if that user roams to different ports on the same switch. Current port config:
switchport port-security maximum 20
switchport port-security aging time 10
switchport port-security violation restrict
switchport port-security aging type inactivity
The problem with that config is that if a user roams to a different port on the same switch, the port goes to err-disable state for 10 minutes. Is there a way to prevent that from happening, while still only allowing a max of 20 mac addresses on each port?
thanks in advance,