Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

port-security limitations on Catalyst 3550

I've used Catalyst 2950 with port security to limit access to Ethernet network only to 'known' client's MAC-addresses. After replacement of Catalyst 2950

with Catalyst 3550 I've collided with the problem - only 128 static MAC-addresses can be defined on the whole device, but I need more...

Is there any workaround for this problem ? Is this limitation hardware or software ? Would it be expanded in future IOS releases ?

Cisco Employee

Re: port-security limitations on Catalyst 3550

I believe the 128 associated secure addresses limit is per port

Did you have any issues with configuring port security? Does the switch complain with any messages?

New Member

Re: port-security limitations on Catalyst 3550

No, it's not rait. When I try to write 128-th MAC address on _device_ (it is the

4-th on the port, the Catalyst writes to console:

s1.ats(config-if)#interface FastEthernet0/20

s1.ats(config-if)# description a2.ats

s1.ats(config-if)# switchport access vlan 8

s1.ats(config-if)# switchport mode access

s1.ats(config-if)# switchport port-security

s1.ats(config-if)# switchport port-security maximum 16

s1.ats(config-if)# switchport port-security violation protect

s1.ats(config-if)# switchport port-security mac-address 0002.4401.717e

s1.ats(config-if)# switchport port-security mac-address 0002.4425.dbf2

s1.ats(config-if)# switchport port-security mac-address 0002.442d.cd86

s1.ats(config-if)# switchport port-security mac-address 0005.653b.191e

%Error: Cannot add secure address 0005.653b.191e

%Error: Total secure addresses in system reached its max limit of 128

PSECURE: Internal Error in adding address

CreatePlease to create content