I have begun implementing port security on all of my switches.

 description Access Port
 switchport access vlan 100
 switchport mode access
 switchport voice vlan 200
 switchport port-security maximum 3
 switchport port-security violation shutdown
 switchport port-security aging time 5
 switchport port-security aging type inactivity
 no mdix auto

One of the issues I have run into is that the MAC addresses are learned as static addresses on the port. If the user should happen to change ports, a security violation occurs since the MAC address is still learned on the previous port. What is the default behavior when aging is disabled? Will the previous port drop the static MAC address, thus allowing the user to change ports and cause a security violation?
Re: Understanding the finer details of Port Security
Thanks, I removed the aging time and instead increased the errdisable recovery interval to 600 sec (5 minutes). This should allow people to change the port they are connected to but prevent people from connecting other networking devices (dumb switches). My intent has been for the port to enter an errdisable state should more than 3 mac addresses be learned on the port and for the port to remain disabled for 5 minutes before recovering.
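
A simplified model of the behavior discussed in this thread, added here as an illustration (it is not code from either post or from Cisco): it shows when a moved PC trips a violation and how the err-disable recovery timer plays out. Assumptions: every port is a secure port in the same VLAN, dynamically learned secure addresses are dropped when the link goes down, the 600-second recovery interval is the value from the reply, and the interface names and MAC addresses are constructed.

```python
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class Port:
    maximum: int = 3                  # switchport port-security maximum 3
    aging_s: int = 0                  # inactivity aging in seconds; 0 = aging disabled
    secure: dict = field(default_factory=dict)   # MAC -> time last seen
    errdisabled_at: Optional[int] = None

class Switch:                         # model only: all ports secure, one VLAN
    def __init__(self, names, aging_s=0, recovery_s=600):
        self.ports = {n: Port(aging_s=aging_s) for n in names}
        self.recovery_s = recovery_s

    def _tick(self, now):
        for p in self.ports.values():
            if p.errdisabled_at is not None and now - p.errdisabled_at >= self.recovery_s:
                p.errdisabled_at = None          # errdisable recovery re-enables the port
            if p.aging_s:                        # drop entries idle for aging_s or longer
                p.secure = {m: t for m, t in p.secure.items() if now - t < p.aging_s}

    def link_down(self, name):
        self.ports[name].secure.clear()          # dynamic secure MACs go when the link drops

    def frame(self, name, mac, now):
        self._tick(now)
        p = self.ports[name]
        if p.errdisabled_at is not None:
            return "err-disabled"
        known_elsewhere = any(mac in o.secure for o in self.ports.values() if o is not p)
        if mac not in p.secure and (known_elsewhere or len(p.secure) >= p.maximum):
            p.errdisabled_at = now               # violation shutdown
            p.secure.clear()
            return "violation"
        p.secure[mac] = now                      # learn or refresh
        return "forwarded"

def move_pc(aging_s, idle_s, link_drops=False):
    """PC talks on Gi0/1 at t=0, then shows up on Gi0/2 after idle_s seconds."""
    sw, pc = Switch(["Gi0/1", "Gi0/2"], aging_s), "aaaa.bbbb.0001"   # constructed names
    sw.frame("Gi0/1", pc, 0)
    if link_drops:
        sw.link_down("Gi0/1")
    return sw.frame("Gi0/2", pc, idle_s)

def fourth_mac():                     # four constructed MACs on one port, then two retries
    sw = Switch(["Gi0/1"])
    seen = [sw.frame("Gi0/1", f"aaaa.bbbb.000{i}", 0) for i in range(1, 5)]
    return seen + [sw.frame("Gi0/1", "aaaa.bbbb.0001", t) for t in (599, 600)]
```

In this model the case that matters for a PC behind an IP phone is `move_pc(0, ...)` without `link_drops`: the switch link stays up, so the old port keeps the address and the new port sees a violation.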