Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
743
Views
0
Helpful
4
Replies

Windows 7 Network Map causes port to go err-disable

bret
Level 3
Level 3

‎07-31-2013 10:54 AM - edited ‎03-07-2019 02:41 PM

Our desktop team wants to run LLDP, so they can use Network Map on a windows 7 box. This is all well and good, but the box connects to a switch running port-security with max 2. When the discovery starts the port is thrown into err-disabled. We put a recovery timer in place, but this is not good enough and we cant get rid of port-security max 2. Has anyone had this issue and come up with a solution?

Look forward to your replies.

Bret

Labels:
0 Helpful
4 Replies 4

fb_webuser
Level 6
Level 6

‎07-31-2013 11:59 AM

You need to find the cause of err-disable first, which should be in the logs, also paste the interface configurations for the port that goes in err-disable....

---

Posted by WebUser Neeraj Jagga from Cisco Support Community App

0 Helpful

bret
Level 3
Level 3
In response to fb_webuser

‎07-31-2013 12:17 PM

For some reason when the Network Map is run it wants to learn all the MACs. When this happens the threshold is reached on my port-security max 2 causing the err-disable to occur.

*Mar  1 06:02:03: %PM-4-ERR_DISABLE: psecure-violation error detected on Gi0/43, putting Gi0/43 in err-disable state

*Mar  1 06:02:03: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 000d.3aee.6101 on port GigabitEthernet0/43.

Interface GigabitEthernet0/43

switchport access vlan 128

switchport mode access

switchport voice vlan 50

switchport port-security maximum 2

switchport port-security

no logging event link-status

srr-queue bandwidth share 1 30 35 5

priority-queue out

mls qos trust cos

no snmp trap link-status

auto qos trust

no cdp enable

spanning-tree portfast

0 Helpful

fb_webuser
Level 6
Level 6

‎07-31-2013 01:13 PM

if you say for some reason the software is trying to learn all the MAC addresses, why is it trying to send it back to the port using it as a source MAC causing the port to protect? I don't think that's the right way to software works not unless there's a loop between your server and switch. just my 2c.

---

Posted by WebUser John Patrick Lopez from Cisco Support Community App

0 Helpful

pille1234
Level 3
Level 3
In response to fb_webuser

‎07-31-2013 01:45 PM

I'm sorry to say but Microsoft LLTD protocol is not compatible with mac-based authentication. There is nothing you can do about it, but this network map is rather useless eye candy anyway, ain't it?

For further information about LLTD have a look here

http://msdn.microsoft.com/en-us/library/cc233991.aspx

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card