Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Troubleshooting port-security on older IOS

Hello all,

I posted yesterday about port-security with olders IOS's.

My question now is the most efficient way of re-enabling a port that had a violation under an older IOS.

My experience has been just doing a "clear port-security sticky" (or something like that). It would clear the learned MACs, then I'd re-enable the specific port. Done.

With the older IOS, the "clear port-security" command is available. Now, is the quickest way just logging into the disabled interface, doing "no switchport port-security" followed by re-enabling the the port, then "switchport port-security" ?

Basically. What is the quickest way of re-enabling a port on a switch that doesn't have the "clear port-security" option?

Thanx

1 ACCEPTED SOLUTION

Accepted Solutions

Re: Troubleshooting port-security on older IOS

Hi,

Clearing the port-security from the interface and re-configuring is a very tediuos work and a lenthy process too.

Please look at the error recovery feature on the IOS you are running. When a secure port is in the error-disabled state, you can bring it out of this state by entering the " errdisable recovery cause psecure_violation " global configuration command or you can manually reenable it by entering the shutdown and no shut down interface configuration commands.

The recovery time is 300 seconds by default and you can change it using with the command itself.

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat4000/12_1_19/cmdref/chap2a.htm#wp1295325

regards,

-amit singh

1 REPLY

Re: Troubleshooting port-security on older IOS

Hi,

Clearing the port-security from the interface and re-configuring is a very tediuos work and a lenthy process too.

Please look at the error recovery feature on the IOS you are running. When a secure port is in the error-disabled state, you can bring it out of this state by entering the " errdisable recovery cause psecure_violation " global configuration command or you can manually reenable it by entering the shutdown and no shut down interface configuration commands.

The recovery time is 300 seconds by default and you can change it using with the command itself.

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat4000/12_1_19/cmdref/chap2a.htm#wp1295325

regards,

-amit singh

231
Views
0
Helpful
1
Replies
CreatePlease to create content