Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Port-Security not incrementing Violation counters??

Hello, My switch is logging port security violations but when I look at the counters it is not incrementing?

May 7 07:07:30 UTC: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 0011.85ba.63f6 on port GigabitEthernet5/22.

May 7 07:16:27 UTC: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 0011.85ba.63f6 on port GigabitEthernet5/22.

May 7 07:28:30 UTC: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 0011.85ba.63f6 on port GigabitEthernet5/22.

May 7 07:43:27 UTC: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 0011.85ba.63f6 on port GigabitEthernet5/22.

May 7 07:49:30 UTC: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 0011.85ba.63f6 on port GigabitEthernet5/22.

May 7 07:52:30 UTC: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 0011.85ba.63f6 on port GigabitEthernet5/22.

May 7 08:07:30 UTC: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 0011.85ba.63f6 on port GigabitEthernet5/22.

May 7 08:40:27 UTC: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 0011.85ba.63f6 on port GigabitEthernet5/22.

May 7 08:46:30 UTC: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 0011.85ba.63f6 on port GigabitEthernet5/22.

May 7 08:49:30 UTC: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 0011.85ba.63f6 on port GigabitEthernet5/22.

May 7 08:52:30 UTC: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 0011.85ba.63f6 on port GigabitEthernet5/22.

May 8 00:17:30 UTC: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 0011.85ba.63f6 on port GigabitEthernet5/22.

May 8 00:35:30 UTC: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 0011.85ba.63f6 on port GigabitEthernet5/22.

May 8 01:26:30 UTC: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 0011.85ba.63f6 on port GigabitEthernet5/22.

Switch# sho clo

01:42:52.508 UTC Thu May 8 2008

Switch# sho port-security interface g5/22

Port Security : Enabled

Port Status : Secure-up

Violation Mode : Restrict

Aging Time : 2 mins

Aging Type : Absolute

SecureStatic Address Aging : Disabled

Maximum MAC Addresses : 1

Total MAC Addresses : 1

Configured MAC Addresses : 0

Sticky MAC Addresses : 0

Last Source Address : 0011.85ba.63f7

Security Violation Count : 4

1 REPLY
Bronze

Re: Port-Security not incrementing Violation counters??

If a machine moves ports, but the old port is not cleared. Mean if you turn off port security and the mac-address sticky on the old port, it will allow you to "unlock" the new port and grab the stick address without restricting the new port. Once the new port is live, you can turn port security back on the old port.

1179
Views
0
Helpful
1
Replies
CreatePlease to create content