Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

Enabling port security on C4507R shuts down port

I'm trying to enable port security on several 4507R's. When I try to configure a range of ports the switch will randomly put 1 or 2 in err-disable.  It's different every time I apply the config to the same group of ports.  However if I do them one at a time it seems to work.  But I really don't want to configure 6 fully populated switches one port at a time.   We also have a lot of 3750's and they gave me no problem using a port range.

Here is the config I'm trying to configure

 

switchport port-security

switchport port-security maximum 2

switchport port-security aging time 1

switchport port-security aging type inactivity

  

The IOS version is. 12.2(25)EWA8

Everyone's tags (2)
1 ACCEPTED SOLUTION

Accepted Solutions
New Member

Re: Enabling port security on C4507R shuts down port

Try rearranging the order in which you put the commands in. Put "switchport port-security" in last, as immediately when you enter this command, port security is enabled with the default maximum of 1 mac address per interface. If a port has two hosts on it before the next command setting the maximum to 2 is entered, it will get disabled.

Another option is to temporarily enable error disable recovery:

errdisable recovery cause psecure-violation

errdisbale recovery interval 'seconds'

Sent from Cisco Technical Support iPad App

4 REPLIES
New Member

Re: Enabling port security on C4507R shuts down port

Try rearranging the order in which you put the commands in. Put "switchport port-security" in last, as immediately when you enter this command, port security is enabled with the default maximum of 1 mac address per interface. If a port has two hosts on it before the next command setting the maximum to 2 is entered, it will get disabled.

Another option is to temporarily enable error disable recovery:

errdisable recovery cause psecure-violation

errdisbale recovery interval 'seconds'

Sent from Cisco Technical Support iPad App

New Member

Re: Enabling port security on C4507R shuts down port

Thanks.  I'll try that tonigh and let you know.

Re: Enabling port security on C4507R shuts down port

Hi,

Make sure the ports you're trying to configure are access ports (switchport mode access).

Sent from Cisco Technical Support iPhone App

New Member

Re: Enabling port security on C4507R shuts down port

That did the trick.  I put switchport port-security at the bottom and when I applied it to ranges no ports went int err-disable.

388
Views
0
Helpful
4
Replies
CreatePlease to create content