I experienced a scenario recently where port security was enabled on a switch allowing 3 mac addresses on a port with sticky, The physical setup was Switch>>media converter>>IP phone>>Laptop.
Port one had this equipment already in situe and we wanted to add another laptop to the domain,
We connected a 2nd laptop to port one and successfully joined the domain.
We did not setup port security on port 2. Uppon conencting a new IP phone to port 2, and then moving the 2nd laptop to port 2 also, the phone worked but laptop 2 did not.
We found that for the laptop to work on port 2 we had to flush port 1.
My question is.. Is this default behaviour? may a mac address only exist on one port as far as port security in concerned? or might the use of the media converter stopped the port from recognising the disconnection of the laptop perhaps?
You have to check the configuration of your switch interface, probably a switch's port dynamically learned a MAC address with the “switchport port-security mac-address sticky” command and does not allow another port learn the MAC address, I recommend you to use the “mac-address-table static 0000.1111.2222 vlan x interface fastethernet 0 / x” command to be assigned statically.
You should also check that the “switchport port-security” command is configured on each interface of the switch, because without that no “port-security command” will work.
IP phones sometimes have multiple MAC addresses assigned, and sometimes this causes problems with networks like yours >> Switch >> IP phone media converter >> Laptop. To solve this problem, change the maximum allowed MAC addresses, adding one to the maximum allowed
For example if the maximum is 2, change to 3
Switchx (config-if) # switchport port-security maximum 2.
Switchx (config-if) # no switchport port-security maximum 2.
Switchx (config-if) # switchport port-security maximum 3.
If these solutions do not fix your problem, send me your switch configuration or
If this answer was satisfactory for you, please mark the question as Answered.
A VPN or Virtual Private Network is a secure network over an unsecure
environment like internet. The VPN allows the remote clients to access
the internal network resources (private network) over the Internet
(public). These are the most common VPN article...
ISA500 series small business integrated security appliances can be
accessed, monitored and managed remotely. The below articles will give
you an insight of remote administration settings on ISA500 series
devicesCisco OnPlus Settings on ISA500 Series Integ...
Captive portal is an additional authentication step that can used for
both guests and authenticated users. Clients will see a special web page
for authentication purposes before they are allowed to use the internet
normally. Captive portal makes use of th...