Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Problem with port security

HI ,

I have a problem with port security. Although i had disabled port security it is still blocking my ports with more than 1 mac adress. When i enable and configure port security to allow 3 mac adresses and violation behaviour to restrict it still disables port after i turn virtual machine on .

Below are logs and configuration .

Thank You in advance for help.

230606: Aug 27 10:37:44.389: %AUTHMGR-5-SECURITY_VIOLATION: Security violation on the interface GigabitEthernet1/0/6, new MAC address (0800.271b.f23f) is seen.AuditSessionID  Unassigned

230607: Aug 27 10:37:44.389: %PM-4-ERR_DISABLE: security-violation error detected on Gi1/0/6, putting Gi1/0/6 in err-disable state

230608: Aug 27 10:37:45.401: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/0/6, changed state to down

230609: Aug 27 10:37:46.397: %LINK-3-UPDOWN: Interface GigabitEthernet1/0/6, changed state to down

ciscosw08#show port-security interface gi

ciscosw08#show port-security interface gigabitEthernet 1/0/6

Port Security              : Enabled

Port Status                : Secure-up

Violation Mode             : Restrict

Aging Time                 : 0 mins

Aging Type                 : Absolute

SecureStatic Address Aging : Disabled

Maximum MAC Addresses      : 3

Total MAC Addresses        : 2

Configured MAC Addresses   : 2

Sticky MAC Addresses       : 0

Last Source Address:Vlan   : 441e.a1cf.24b1:50

Security Violation Count   : 0

interface GigabitEthernet1/0/6

switchport access vlan 50

switchport mode access

switchport nonegotiate

switchport port-security maximum 3

switchport port-security

switchport port-security violation restrict

switchport port-security mac-address 0800.271b.f23f vlan access

switchport port-security mac-address 441e.a1cf.24b1 vlan access

authentication port-control auto

dot1x pae authenticator

dot1x timeout server-timeout 10

dot1x max-reauth-req 3

spanning-tree portfast

show port-security address

50    0800.271b.f23f    SecureConfigured           Gi1/0/6      -

50    441e.a1cf.24b1    SecureConfigured           Gi1/0/6      -

CreatePlease login to create content