Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Prevent dropping of packets in a port-security / 802.1x environment

Hi everbody!

I have a dedicated laptop I use to display some features, when I change the wired connection from a switch to another switch, it drops the packets even though I do authenticate correctly, I have 802.1x configured in the access switches and port-security in the aggregation/core switch, I have configured port-security protect mode, otherwise the aggregation/core switch could just shutdown the port.

Thanks in advance!

Ana Linda.

Everyone's tags (3)
4 REPLIES

Re: Prevent dropping of packets in a port-security / 802.1x envi

Hi

I don't understand what is you issue exactly

But it is some problem in your configuration

You have not use port security in you core and distribute layer

Let me know about your L3 or L2 packet switching. Maybe your packet drop issue is because of these.

Sent from Cisco Technical Support iPad App

Gold

Re: Prevent dropping of packets in a port-security / 802.1x envi

Hi Ana,

when you configure a port's violation mode in Protected mode, instead of shutting the port down, it drops packets with unknown source addresses until you remove a sufficient number of secure MAC addresses to drop below the maximum value.

maybe thats why...

plz Rate if it helped.

Soroush,

Hope it Helps!

Soroush.
New Member

Re: Prevent dropping of packets in a port-security / 802.1x envi

I want to use the same laptop (and the same mac address if possible) when trying to display some ISE features in different switches, having both 802.1x and port-security enabled.

I want to know if it's possible, and how to make it possible.

So, I did know it's because the protect mode, but I want to prevent the dropping to happen even with port-security enabled.

Silver

Prevent dropping of packets in a port-security / 802.1x environm

Hi,

Can you please post the port configuration of your aggregation/core switch. My view is you are using trunks in between the core/aggregation and access switches and obviously you wish to stay within the same Vlan with your laptop. I understand that you are using port-security at the core/aggregation switch ONLY in addition to 802.1X authentication with the access switches.

Thanks & Regards,

Antonin

623
Views
0
Helpful
4
Replies
CreatePlease to create content