Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Port Security issue on the Cat 2950 with IOS ver 12.1.11EA1

Ports configured with the "sticky" port security feature do not shutdown (errordisable) when a host with a different MAC address attempts to access the port. Note that the default of 1 secure MAC address and a violation mode of shutdown has not been changed.

The configuration on port fa0/1 is :

switch port-security

switch port-security mac-address sticky

switch port-security mac-address sticky 0010.4bf9.1f6a (this was the MAC address initially learned on the port)

When I connect a different host to port fa0/1 with address 0010.4bf9.1f74, the port does not go into the errordisable state as expected.

Note that if I configured a static secure mac address on the port with a configuration on port fa0/1 of:

switch port-security

switch port-security mac-address 0010.4bf9.1f6a

the port does go to the errordisable state, as expected, when a host with a different MAC address attempts to access the port.

Has anyone else observed this behavior? Is this a software bug?

1 REPLY
Cisco Employee

Re: Port Security issue on the Cat 2950 with IOS ver 12.1.11EA1

155
Views
0
Helpful
1
Replies