Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

SF300 - Problem with Port Security - Possible to Disable?

Hello. I have several SF300 switches deployed (SF300-08, SF300-24P). They are connected to IP Telephones (NEC) which communicate with the switch for auto voice VLAN on LLDP. The problem I am experiencing is that periodically the IP telephones are rebooted by the telephone vendor and when they do the switch puts that port into "Locked" port security mode and discards all traffic to the port. The IP telephones of course do not work. In other switch models, I have seen the ability to enable / disable port security switch wide or on a port by port basis. This model does not appear to have this feature. Any ideas on how to disable or why the phones would cause the switch ports to "lock"? There is usually one PC attached to each phone. Thanks.

  • LAN Switching and Routing
Everyone's tags (4)
1 REPLY
Green

SF300 - Problem with Port Security - Possible to Disable?

Jelia,

The port security feature is dictated by the cdp and lldp advertisements by the phone through the smart port roles. Because of your LLDP advertisements, the smart port role will go to ip phone + desktop. However, this will allocate 2 IP address for the configured port. This begs the question, why would the phone rebooting lock the port?

Is your phone reporting more than 2 MAC address?

If you like, you may disable the smart port and port security however this will result in manual configuration of your ports with data vlan untag, voice vlan tag and also QoS issues.

-Tom

-Tom Please mark answered for helpful posts http://blogs.cisco.com/smallbusiness/
1461
Views
0
Helpful
1
Replies