Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Port security doesn't shutdown a port on a Cat 4000

I have port security configured on a Cat 4000, but it doesn't shutdown the port. The configuration shows:

set port security 2/22 enable age 0 maximum 1 shutdown 0 unicast-flood enable violation shutdown

When I patch a workstation into the port, a 'show port security 2/22" shows the switch has learnt the mac, and it is secure.

However, when I patch a different workstation into the same port, the switch just learns the new mac address. Shouldn't it shut the port down, or am I missing something?!

Cheers,

Jon

  • Other Network Infrastructure Subjects
5 REPLIES
Bronze

Re: Port security doesn't shutdown a port on a Cat 4000

You need to set the shutdown time to something other than "shutdown 0". See http://www.cisco.com/en/US/products/hw/switches/ps4324/products_configuration_guide_chapter09186a00801a1613.html

New Member

Re: Port security doesn't shutdown a port on a Cat 4000

Doesn't "shutdown 0" mean "shutdown permanently"?

Bronze

Re: Port security doesn't shutdown a port on a Cat 4000

The link above states:

"You can specify how long a port is to remain disabled in the event of a security violation. By default, the port is shut down permanently. The valid range is from 1-1440 minutes.

If you set the time to zero, the shutdown is disabled for this port."

The wording above leads me to believe that if you don't specify a shutdown time, the default is permanent. But specifying 0 effectively turns shutdown off.

New Member

Re: Port security doesn't shutdown a port on a Cat 4000

I've tried not specifying a shutdown time, but if I do that, the configuration reflects the default, i.e. shutdown 0.

New Member

Re: Port security doesn't shutdown a port on a Cat 4000

I should add that I have other Cat 4000s running version 5 catos that work fine with the same port security config, so it looks like there's a bug in version 7.

100
Views
0
Helpful
5
Replies
This widget could not be displayed.