cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1479
Views
0
Helpful
3
Replies

Switch Port Security

batumibatumi
Level 1
Level 1

Hi All,

I have a question regarding the siwtch Security, the question is next:

Enabling port security on the interface that is also configured for voice VLAN. What is the maximum MAX secure addresses that should be set on the port ?

1) Default will be set

2) No more then two sexure MAC addresses should be set. 

1 Accepted Solution

Accepted Solutions

Hi batumi,

You can find your answer to the next

"When you enable port security on an interface that is also configured with a voice VLAN, set the maximum allowed secure addresses on the port to two. When the port is connected to a Cisco IP phone, the Cisco IP phone requires one MAC address. The Cisco IP phone address is learned on the voice VLAN, but is not learned on the access VLAN. If you connect a single PC to the Cisco IP phone, no additional MAC addresses are required. If you connect more than one PC to the Cisco IP phone, you must configure enough secure addresses to allow one for each PC and one for the phone."

There are also some guidelines that you should take into consideration when you configure port security to voice vlan.

For instance you can not configure the sticky command to voice vlan

Read the next link

http://www.cisco.com/en/US/docs/switches/lan/catalyst2950/software/release/12.1_22ea/SCG/swtrafc.html

Hope that helps

Vasilis

Please rate the helpful posts

View solution in original post

3 Replies 3

Hi batumi,

You can find your answer to the next

"When you enable port security on an interface that is also configured with a voice VLAN, set the maximum allowed secure addresses on the port to two. When the port is connected to a Cisco IP phone, the Cisco IP phone requires one MAC address. The Cisco IP phone address is learned on the voice VLAN, but is not learned on the access VLAN. If you connect a single PC to the Cisco IP phone, no additional MAC addresses are required. If you connect more than one PC to the Cisco IP phone, you must configure enough secure addresses to allow one for each PC and one for the phone."

There are also some guidelines that you should take into consideration when you configure port security to voice vlan.

For instance you can not configure the sticky command to voice vlan

Read the next link

http://www.cisco.com/en/US/docs/switches/lan/catalyst2950/software/release/12.1_22ea/SCG/swtrafc.html

Hope that helps

Vasilis

Please rate the helpful posts

Let me say a hug thanks wach og you for your perfect answers and explanation, that's was very helpful !!!

Good Luck and thanks !!!

After enable port security on an interface that is also configured with a voice VLAN, the number of MAC addresses that is set on the port is 1.

When you enable port security on this interface, you must set the maximum allowed secure addresses on the port to at least two. Otherwise the selected Violation will occur, because the switch doesn’t set the maximum number of Mac´s on the port automatically to two.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco