Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
491
Views
0
Helpful
2
Replies

7960 Phones going into Err-disable state with 802.1X

miwitte
Level 4
Level 4

‎03-30-2007 06:14 AM - edited ‎03-05-2019 03:12 PM

We have have a few instances of dot1x ports getting a err-disable with the offending mac being the phone MAC. Since the port is in single host mode that is the default behavior. It would appear its something with the phone bleeding packets from the voice VLAN onto the data VLAN untagged. Anyone else seen this and how did it get resolved?

Labels:
0 Helpful
2 Replies 2

Amit Singh
Cisco Employee
Cisco Employee

‎03-30-2007 06:21 AM

Could you please paste the exact error that you are getting. I would like to see the " show log" from the switch.

-amit singh

0 Helpful

miwitte
Level 4
Level 4
In response to Amit Singh

‎03-30-2007 06:47 AM

The offending MAC is the phone 0015.c6b7.2fdc

Mar 29 21:15:51 EST: %DOT1X-5-SECURITY_VIOLATION: Security violation on interface GigabitEthernet4/29, New MAC address 0015.c6b7.2fdc is seen on the interface in Single Host mode

Mar 29 21:15:51 EST: %PM-4-ERR_DISABLE: security-violation error detected on Gi4/29, putting Gi4/29 in err-disable state

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card