How exactly does age time work in port security? Currently I don't have age time set for port security and I was under the impression that this means that age time is disabled which meant the secure address is active on the port forever.
Recently, though, I have been noticing that even when port security is set, when a computer is unplugged there is no entry in the Secure-src-addr, and consequently the port does not shut down when a different computer or device is plugged in.
The port security config is set to dynamic, violation shutdown for 5 minutes with age time not set. Anyone know what's going on?
If port security is set to dynamic, then it's adding the learned addresses to the port. It won't shut the port down unless you have a max-address set. These addresses (unless sticky) will be removed when the switch is reset.
IMHO, there's no point to having port security if you don't set either the number of accepted addresses on the port in dynamic, or set them to have static MAC addresses.
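A configuration sketch for the setup discussed in this thread, added as an illustration and not taken from either poster's switch. The interface name and the MAC address are constructed placeholders, and the 300-second recovery interval is an assumed mapping of the "shutdown for 5 minutes" in the question.

```cisco
! Added example. Interface name and MAC address are constructed placeholders.
!
! Auto-recover a port that was err-disabled by a port-security violation.
! 300 seconds is assumed to match the "shutdown for 5 minutes" in the question.
errdisable recovery cause psecure-violation
errdisable recovery interval 300
!
interface GigabitEthernet0/1
 switchport mode access
 switchport port-security
 ! Set the limit explicitly, as the answer recommends.
 switchport port-security maximum 1
 switchport port-security violation shutdown
 !
 ! With dynamic learning only, the learned address is dropped when the
 ! link goes down, so a replacement device is learned as the new
 ! secure address and no violation occurs. Aging being off does not change that.
 !
 ! Option A: sticky learning. The first address seen is written into the
 ! running config and survives link-down (save the config to survive a reload).
 switchport port-security mac-address sticky
 !
 ! Option B: static entry instead of sticky (constructed address).
 ! switchport port-security mac-address 0000.5e00.5301
!
! Checks from privileged EXEC after unplugging and replugging a device:
!   show port-security interface GigabitEthernet0/1
!   show port-security address
!   show errdisable recovery
```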