dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
4808
share rss forum feed


Scream

@people.net.au

Cisco Switch Commands for port security

Hi there

I have a Cisco 24 port 2950 switch.

I have setup port security on all ports. When i plug in a Pc, some times the Port light goes dark and the port goes into a err-disabled state.

I know there is a way to Fix this problem to allow the switch to read the PC's mac address and for the port to become active again.

I cant remember how to do this at this time.

Can someone please help me fix this problem

I use the commands

interface range fastethernet 0/1 - 24
switchport port-security
switchport port-security maximum 1
switchport port-security mac-address sticky
switchport port-security violation shutdown

to setup port security in the first place

Any help would be greatly appreciated

Thank you


nosx

join:2004-12-27
00000
kudos:5

shutdown and then no-shut the port to re-enable it.
make sure that "show run interface $INT" doesnt have a hard-coded mac address on it. That can get added automagically by the switch when it discovers a MAC on a port. If the mac there doesnt match whats plugged in you will need to remove it.



phantasm11b
Premium
join:2007-11-02

1 edit
reply to Scream

You can also do this to remove the MAC address from the port if sticky ports is enabled:

clear mac-address dynamic
clear port-security sticky
 

--
"There are two American flags flying on the property I reside on. Anyone who tries to take them down will be rendered inoperative." -Lindy

HELLFIRE
Premium
join:2009-11-25
kudos:13
reply to Scream

Slightly off-topic, but that config means:
- port security on
- allow a maximum of 1 MAC addresses to be learned at any one time
- that learned MAC address shall always be on this port and this port only
- if another MAC address is attempted to learn, the port will shut down, right?

I've forgetten all of my port security stuff...

Regards



phantasm11b
Premium
join:2007-11-02

said by HELLFIRE:

Slightly off-topic, but that config means:
- port security on
- allow a maximum of 1 MAC addresses to be learned at any one time
- that learned MAC address shall always be on this port and this port only
- if another MAC address is attempted to learn, the port will shut down, right?

I've forgetten all of my port security stuff...

Regards
Yes.
--
"There are two American flags flying on the property I reside on. Anyone who tries to take them down will be rendered inoperative." -Lindy