Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Switch Port Security

Hi All,

I have a question regarding the siwtch Security, the question is next:

Enabling port security on the interface that is also configured for voice VLAN. What is the maximum MAX secure addresses that should be set on the port ?

1) Default will be set

2) No more then two sexure MAC addresses should be set. 

1 ACCEPTED SOLUTION

Accepted Solutions

Switch Port Security

Hi batumi,

You can find your answer to the next

"When you enable port security on an interface that is also configured with a voice VLAN, set the maximum allowed secure addresses on the port to two. When the port is connected to a Cisco IP phone, the Cisco IP phone requires one MAC address. The Cisco IP phone address is learned on the voice VLAN, but is not learned on the access VLAN. If you connect a single PC to the Cisco IP phone, no additional MAC addresses are required. If you connect more than one PC to the Cisco IP phone, you must configure enough secure addresses to allow one for each PC and one for the phone."

There are also some guidelines that you should take into consideration when you configure port security to voice vlan.

For instance you can not configure the sticky command to voice vlan

Read the next link

http://www.cisco.com/en/US/docs/switches/lan/catalyst2950/software/release/12.1_22ea/SCG/swtrafc.html

Hope that helps

Vasilis

Please rate the helpful posts

3 REPLIES

Switch Port Security

Hi batumi,

You can find your answer to the next

"When you enable port security on an interface that is also configured with a voice VLAN, set the maximum allowed secure addresses on the port to two. When the port is connected to a Cisco IP phone, the Cisco IP phone requires one MAC address. The Cisco IP phone address is learned on the voice VLAN, but is not learned on the access VLAN. If you connect a single PC to the Cisco IP phone, no additional MAC addresses are required. If you connect more than one PC to the Cisco IP phone, you must configure enough secure addresses to allow one for each PC and one for the phone."

There are also some guidelines that you should take into consideration when you configure port security to voice vlan.

For instance you can not configure the sticky command to voice vlan

Read the next link

http://www.cisco.com/en/US/docs/switches/lan/catalyst2950/software/release/12.1_22ea/SCG/swtrafc.html

Hope that helps

Vasilis

Please rate the helpful posts

New Member

Switch Port Security

Let me say a hug thanks wach og you for your perfect answers and explanation, that's was very helpful !!!

Good Luck and thanks !!!

New Member

Re: Switch Port Security

After enable port security on an interface that is also configured with a voice VLAN, the number of MAC addresses that is set on the port is 1.

When you enable port security on this interface, you must set the maximum allowed secure addresses on the port to at least two. Otherwise the selected Violation will occur, because the switch doesn’t set the maximum number of Mac´s on the port automatically to two.

1206
Views
0
Helpful
3
Replies
CreatePlease login to create content