Cisco Support Community
Community Member

port security problem in catalyst 6500 switches

I have 6 Catalyst 6500 switches, all of them with CatOS cat6000-sup2k8.8-3-7.bin, and I recently configured the port security feature in order to limit the number of MAC addresses that are permitted on each port at a time; I configured this on each port:

set port security x/y enable maximum 2 shutdown 10 violation shutdown

and I did not configure the global command: set port security auto-configure enabled; because I don't want the switch to "learn" only the last 2 MAC addresses connected; and this works, but there are some cases, or maybe a lot of cases, in which this configuration doesn't work, I mean, even with only one MAC address, a new one, the port goes down...

What am I doing wrong?

Thanks

1 REPLY
Silver

Re: port security problem in catalyst 6500 switches

Enabling Port Security

When enabling port security on access ports or trunks, follow these guidelines:

When you enable port security, if an address learned or configured on one secure port is seen on another secure port in the same VLAN, port security puts the port into the error-disabled state immediately.

To bring a secure port out of the error-disabled state with the default port security configuration, enter the errdisable recovery cause shutdown global configuration command, or manually reenable it by entering the shutdown and no shutdown interface configuration commands.

Enter the clear port-security dynamic global configuration command to clear all dynamically learned secure addresses. See the Catalyst 6500 Series Switch Cisco IOS Command Reference, Release 12.2SX, for complete syntax information.

http://www.cisco.com/en/US/products/hw/switches/ps708/products_configuration_guide_chapter09186a0080160a2c.html

http://www.cisco.com/en/US/products/hw/switches/ps708/products_configuration_guide_chapter09186a00800da706.html
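
The guideline quoted in the reply explains how a port can go down with a single new MAC address: the address is already secure on another port in the same VLAN. The sketch below is an added example, not part of the thread and not Cisco code; it is a simplified model with hypothetical names that assumes the port seeing the address second is the one disabled and that secure addresses never age out.

```python
from collections import defaultdict

def simulate_port_security(frames, maximum=2):
    """Replay (port, vlan, mac) sightings in order; return {port: reason}
    for every port this simplified model puts into error-disabled state."""
    secured = defaultdict(set)   # port -> {(vlan, mac)} secure addresses
    owner = {}                   # (vlan, mac) -> port that holds the address
    errdisabled = {}
    for port, vlan, mac in frames:
        if port in errdisabled:
            continue             # a disabled port forwards nothing
        key = (vlan, mac.lower())
        holder = owner.get(key)
        if holder == port:
            continue             # already a secure address on this port
        if holder is not None:
            # Assumption: the port that sees the address second is disabled.
            errdisabled[port] = f"{mac} already secure on {holder} in VLAN {vlan}"
        elif len(secured[port]) >= maximum:
            errdisabled[port] = f"{mac} exceeds maximum of {maximum}"
        else:
            secured[port].add(key)
            owner[key] = port
    return errdisabled

# Constructed sightings, not captured from a real switch.
SAMPLE_FRAMES = [
    ("3/1", 10, "00:11:22:33:44:01"),  # laptop first plugged into 3/1
    ("3/2", 10, "00:11:22:33:44:01"),  # same laptop moved to 3/2
    ("3/3", 10, "00:11:22:33:44:02"),
    ("3/3", 10, "00:11:22:33:44:03"),
    ("3/3", 10, "00:11:22:33:44:04"),  # third address on 3/3
    ("3/4", 20, "00:11:22:33:44:01"),  # same MAC, different VLAN
]

if __name__ == "__main__":
    for port, reason in simulate_port_security(SAMPLE_FRAMES).items():
        print(f"{port} err-disabled: {reason}")
```

In the sample, port 3/2 is disabled with only one address on it, while 3/4 stays up because the same MAC appears there in a different VLAN.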
