Problem with Port Security on Catalyst 6513

Unanswered Question
Jul 26th, 2012

Hello!

I have such problem.

Members (№ 1 and № 2) are connected to different switches. At the beginning of the day the user number 2 turned on his computer before user number 1 and for some reason received from the DHCP IP-address of the first user. After that, the users 1 port went to the error-disable state. Shutdown and no shotdown  the port fails, the port immediately become error-disable. The problem disappeared only after manually updating the IP to the user's PC number 1 and the off / on the port. User number 2 worked fine all this time. Why can occur port security operation at the mac-address of another port?

Log:

09:07:58: %PM-SP-4-ERR_DISABLE: psecure-violation error detected on Gi4/9, putting Gi4/9 in err-disable state

09:07:58: %PORT_SECURITY-SP-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 6cf0.4927.aba1 on port GigabitEthernet4/9.

09:07:58: %PM-SPSTBY-4-ERR_DISABLE: psecure-violation error detected on Gi4/9, putting Gi4/9 in err-disable state

Ports configuration:

№1:

interface GigabitEthernet4/9

switchport

switchport access vlan 2

switchport mode access

switchport port-security

switchport port-security mac-address sticky

switchport port-security mac-address sticky 4437.e655.e571

speed 100

duplex full

no snmp trap link-status

end

№2:

interface GigabitEthernet5/2

switchport

switchport access vlan 2

switchport mode access

switchport port-security

switchport port-security mac-address sticky

switchport port-security mac-address sticky 6cf0.4927.aba1

speed 100

duplex full

no snmp trap link-status

Thank you for help!

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Average Rating: 0 (0 ratings)
Ramraj.Sivagnanam Sun, 08/19/2012 - 16:44

Hi Bro

I suspect you’ve configuration in your switch that wrongly binds a MAC Address to IP Address under your DHCP settings.

//This should be the correct configuration;

!

ip dhcp pool User1

   host 10.208.11.10 255.255.254.0

   client-identifier 0144.37e6.55e5.71

   client-name User1

!

ip dhcp pool User2

   host 10.208.11.20 255.255.254.0

   client-identifier 016c.f049.27ab.a1

   client-name User2

!

P/S: If you think this comment is useful, please do rate them nicely :-)

Actions

Login or Register to take actions

This Discussion

Posted July 26, 2012 at 4:04 AM
Stats:
Replies:1 Avg. Rating:
Views:844 Votes:0
Shares:0

Related Content

Discussions Leaderboard