Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
633
Views
0
Helpful
1
Replies

SG200-26 port security and PVID

sammycbmi
Level 1
Level 1

‎04-14-2014 01:32 PM

We have a SG200-26. This dumb switch is connected to a trunk port of the SG200. This dumb switch has a couple of other switches that connect to it. Another dumb another managed. I know dumb switches aren't good but that's what I have been given and have to deal with. The port on the SG200 is set up with a PVID of 2 and tags a voice vlan and management vlan. However here's what happens I don't get.

 

The other day we disconnected a dumb switch from the SG200 as we were doing some maintenance.

1. Port security kicked in and locked the port. This has happened before. The port is configured to accept 50 MAC addresses. I set this really high just to avoid port security locking the port. We only have a total of maybe 40 devices connecting to the port on the SG200 via the dumb switch and it's associated other switches. I mean maybe it's possible it's close to 50 but whatever the number may be it's the same number of devices. Therefore why isn't the SG200 remembering the MAC addresses?

 

2. After I unlocked the port things still didn't work. Apparently the SG200 had changed the VLAN config for that port back to the standard setting. PVID of 1 (native VLAN is 1 on the switch) and nothing else. No tagging of voice or management.  This whole thing is what I don't get.  This happened before when the switch lost power and I've got to believe this is a bug. I believe this started after a firmware update.  We are on 1.3.2.02 and I seem to remember reading this included some type of change in the config and maybe it's a good idea to factoy reset the switch after and rebuild the config by hand.

 

Looking for ideas other than to update to the latest firmware.

 

Labels:
0 Helpful
1 Reply 1

sammycbmi
Level 1
Level 1

‎04-14-2014 03:49 PM

Sorry I realized my second sentence is confusing. The dumb switch I refer to in the second sentence is a switch that is connected to the SG200 via the port that is locking. I'm not calling the SG200 a dumb switch.

 

Also it appears it's a feature of the switch to go back to the defauly VLAN.

 

"If a port is no longer a member of any VLAN, the device automatically configures the port as an untagged member of the default VLAN. A port is no longer a member of a VLAN if the VLAN is deleted or the port is removed from the VLAN."

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Switch products supported in this community
Cisco Business Product Family
  • CBS110
  • CBS220
  • CBS250
  • CBS350
Cisco Switching Product Family
  • 110
  • 200
  • 220
  • 250
  • 300
  • 350
  • 350X
  • 550X
Customers Also Viewed These Support Documents