Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

switch port security err disable state is by default violation mode for switches?

2.what is the purpose of protced mode of violation after violation occur still port is in on condition and port status is gree..

if this happen how does administrator will identify that some violation has been occured?

New Member

Re: switch port security

The respose to question one is yes. Error disable is on by default.  However you have the option of using:

errdisable recovery cause XXX

errdisable recovery interval XXX

Lets say you set the port to disable after already seeing two mac addresses.  You can set the port to check again in say 5 minutes, if the condition has been corrected (third mac address removed from the switch) the port will reset itself from its condition.  In this example the commands would be:

errdisable recovery cause psecure

errdisable recovery interval 300

Number Two

Per Cisco:  "Protect—when the number of secure MAC addresses  reaches the maximum limit allowed on the port, packets with unknown  source addresses are dropped until you remove a sufficient number of  secure MAC addresses to drop below the maximum value or increase the  number of maximum allowable addresses. You are not notified that a  security violation has occurred."

Number Three

If you run SNMP, you will be able get an alert of the effected port. 

snmp-server enable traps errdisable

snmp-server enable traps port-security