
counter reset for show port-security

Markus Pethe
Level 1

Is there a way to clear the counters of Port-Security Security Violation?


amit-singh
Level 8

Hi,

Here is the command

clear port-security {all | configured | dynamic | sticky} [address mac-address] | [interface interface-id]

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat2950/12122ea2/2950cr/cli1.htm#wp3040836

HTH,

regards,

-amit singh

Hello, what if I have a 7500 Switch with different interfaces, is there a way to still use Clear portsecurity Sticky?

amit-singh
Level 8

Sorry, I interpreted the question wrong. To clear the port security counters, there is no command as such. The only way they will get cleared is with a reboot of the switch.

regards,

-amit singh

arvindchari
Level 3

To clear dynamically learned port security MAC in the CAM table, use the clear port-security dynamic command.

To configure port security aging on the particular port use the

switchport port-security aging {static | time time | type {absolute | inactivity}}

HTH

Please rate posts that help

Regards

Arvind

I only want to clear the Counters of Security-Violations without rebooting the Switch. I don't like counters growing the whole uptime.

Like amit said, I don't think there is any command to do that. You might wanna have a look at

http://www.cisco.com/univercd and see if you can find something in there

HTH

Arvind

univercd wasn't very helpful, so I hoped somebody knows a trick or so...

But thanks for your fast replies!

there is a way actually:

conf t
int fa0/5
no switchport port-security
end
clear port-security all int fa0/5

reenable port security on interface:
conf t
int fa0/5
switchport port-security
end

sorry for the late reply

Pieter,

doing a "clear port-security all" will clear MAC addresses learned on the interface. In my case, I had only to do "no switchport port-security" then a "switchport port-security", and that cleared port-security counters.

lhawkes
Level 1

Thanks to the examples above, I tried this too.

To Clear multiple port-security counters at a time, this worked for me.

conf t

int ra f1/0/6 , f1/0/17 , f1/0/21

no switchport port-security

switchport port-security

int ra f1/0/27 , f1/0/31 , f1/0/38

no switchport port-security

switchport port-security

int ra f1/0/47

no switchport port-security

switchport port-security

end
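
Added example (not from any poster in this thread): since the toggle discards the violation counts, this sketch records them from `show port-security` first and then builds the same `no switchport port-security` / `switchport port-security` sequence only for ports whose counter is non-zero. The sample output is constructed, the function names are hypothetical, and the summary table layout is assumed to match what your platform prints.

```python
import re

# Constructed sample of `show port-security` output (not captured from a real switch).
SAMPLE = """\
Secure Port  MaxSecureAddr  CurrentAddr  SecurityViolation  Security Action
                (Count)       (Count)          (Count)
---------------------------------------------------------------------------
    Fa1/0/6              1            1                  4         Shutdown
   Fa1/0/17              1            1                  0         Shutdown
   Fa1/0/21              2            1                 12         Restrict
   Fa1/0/47              1            0                  1         Shutdown
---------------------------------------------------------------------------
"""

ROW = re.compile(r"^\s*(\S+/\d+)\s+(\d+)\s+(\d+)\s+(\d+)\s+(\w+)\s*$")

def parse_violations(text):
    """Return {port: violation_count} for every row of the summary table."""
    counts = {}
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            counts[m.group(1)] = int(m.group(4))
    return counts

def reset_commands(counts, per_line=3):
    """Build the toggle sequence for ports whose counter is non-zero."""
    ports = [p for p, n in counts.items() if n > 0]
    if not ports:
        return []
    cmds = ["conf t"]
    for i in range(0, len(ports), per_line):
        cmds.append("int ra " + " , ".join(ports[i:i + per_line]))
        cmds += ["no switchport port-security", "switchport port-security"]
    cmds.append("end")
    return cmds

if __name__ == "__main__":
    counts = parse_violations(SAMPLE)
    print("Counters before reset (keep this record):", counts)
    print("\n".join(reset_commands(counts)))
```

Review the generated lines before pasting them into a session, and keep the printed counts with your logs so the violation history is not lost when the counters return to 0.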

I guess I'll stick with "no switchport port-sec" then "switchport port-sec"

thanks

Hassan Chalabi
Level 1

Shut

no Shut

you can also select int range.

no need to negate any configs.

 

Reinhard Wimmer
Level 1

Hoi Cisco Companions!

Normally a simple "no switchport port-sec" and "switchport port-sec" works fine for me to reset the PS-Violation Counter, but today on a WS-C3650-48PD it didn't work...

Maybe because the port is not connected all the time?

Any clue or hint for me?

Greetings Reinhard

I have found that in order to clear the Security Violation Count or Rejection Count, you will need to make sure no secure MAC address is assigned to the port first. Make sure the Port Status is Secure-up, then connect a device. The new MAC address should now be assigned. Security Violation Count or Rejection Count is reset back to 0. I use Cisco Network Assistant to make things easier.

Catalyst 3750G Switch

Current Port Security config:

Security Status: Enabled

Sticky Behavior: Enabled

Violation Action: Shutdown