10-16-2002 01:48 AM - edited 03-02-2019 02:06 AM
I've used Catalyst 2950 with port security to limit access to Ethernet network only to 'known' client's MAC-addresses. After replacement of Catalyst 2950
with Catalyst 3550 I've collided with the problem - only 128 static MAC-addresses can be defined on the whole device, but I need more...
Is there any workaround for this problem ? Is this limitation hardware or software ? Would it be expanded in future IOS releases ?
10-16-2002 05:42 AM
I believe the 128 associated secure addresses limit is per port
http://cio.cisco.com/univercd/cc/td/doc/product/lan/c3550/12111ea1/3550scg/swtrafc.htm#xtocid12
Did you have any issues with configuring port security? Does the switch complain with any messages?
10-17-2002 01:29 AM
No, it's not rait. When I try to write 128-th MAC address on _device_ (it is the
4-th on the port, the Catalyst writes to console:
s1.ats(config-if)#interface FastEthernet0/20
s1.ats(config-if)# description a2.ats
s1.ats(config-if)# switchport access vlan 8
s1.ats(config-if)# switchport mode access
s1.ats(config-if)# switchport port-security
s1.ats(config-if)# switchport port-security maximum 16
s1.ats(config-if)# switchport port-security violation protect
s1.ats(config-if)# switchport port-security mac-address 0002.4401.717e
s1.ats(config-if)# switchport port-security mac-address 0002.4425.dbf2
s1.ats(config-if)# switchport port-security mac-address 0002.442d.cd86
s1.ats(config-if)# switchport port-security mac-address 0005.653b.191e
%Error: Cannot add secure address 0005.653b.191e
%Error: Total secure addresses in system reached its max limit of 128
PSECURE: Internal Error in adding address
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: