Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

port-security in switches


I have one question about port-security in switches.

If I configure port-security and I don´t define an aging time.

The mac-address for this port, never expires?

Should I enable the port-security aging time.

This happened to me in a switch port wich have a hub, It always shows the mac-addres even, when there no devices in the hub.



Re: port-security in switches

Hi .. it depends of how is the port configured. The aging comes handy when you configure a limit in the ammount of MAC addresses that are able to connect to a specific port. Let's say you configured teh limit to 10. This means that no more than 10 MAC addresses will be able to connect throuhgt that port. Now let's say that 6 out of 10 PC are running and another PC ( 11 ) is trying to connect. if you have the aging parameter then teh 11th PC will be able to connect after teh aging expired otherwise you will have to remove at least one MAC addresses from the MAC table on that port in order to allow place for the new PC.

I suggest you to quick go throught the bwlow link which explains about it.

I hope it helps .. please rate it if does !!!

New Member

Re: port-security in switches


I have one more requirement on port security. (I have enabled MAC Address authentication on my switch where by the user gets authenticated against their MAC address which is saved on the ACS server)I want a user who has not connected to the port for more than 30 days to be disabled by the ACS server. Is this possible. I am not sure if we are discusion the same ting or not. Please give me any inputs if you have.

CreatePlease login to create content