Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2283
Views
0
Helpful
4
Replies

Nessus tenable.sc scan

yaredo70
Level 1
Level 1

‎03-18-2022 07:50 AM

Hi All,
We have currently required to scan our cisco switches with Nessus tenable.sc scanner and every time the scan started the datalink port disabled on the switch. I looked up the error and I found that err-disabled and I have to manually run a shut and no shut command to open the port.

if there anyone has had the issue before please share. 

 

Thanks 

Labels:
0 Helpful
4 Replies 4

Mike.Cifelli
VIP Alumni
VIP Alumni

‎03-18-2022 08:15 AM

datalink port disabled on the switch. I looked up the error and I found that err-disabled and I have to manually run a shut and no shut command to open the port.  Here is some info that should help:

-You can enable port sec error autorecovery to eliminate the need to manually shut/no shut ports in order to re-enable.  

--

View port sec status:

#show port-security interface <int>

--

View ports in err-disabled:

#show interfaces status err-disabled

--

Enable the autorecovery feature 30 seconds after a port security violation:

#errdisable recovery cause psecure-violation
#errdisable recovery interval 30

NOTE: Autorecovery default timer is 300 seconds.  

 

Lastly, I would discuss with the scan team to determine if there is a better way to ensure the NADs are hardened/secure.  Access ports going into errdisabled is a service interruption and something I would assume most want to avoid.  HTH!

0 Helpful

yaredo70
Level 1
Level 1
In response to Mike.Cifelli

‎03-18-2022 08:28 AM

Hi Mike,

 

Thank you for your reply. I don't think there is a port security configuration on the switch, I will look up the config files if there is any port security configured. My question is how We can prevent that from happening? This happened only after the scan started.

Thanks,

0 Helpful

Kasun Bandara
VIP
VIP
In response to yaredo70

‎03-18-2022 08:40 AM

first check the error-disabled reason. then you can take actions to that by disabling err-disable only for given reason. you can check logs or use console monitoring to get the reason easily.

Please rate this and mark as solution/answer, if this resolved your issue
Good luck
KB
0 Helpful

yaredo70
Level 1
Level 1
In response to Kasun Bandara

‎03-21-2022 07:07 AM

Hi,

 

I have checked the error and I found this 

 

 

err-disabled  reason - udld 

 how do I solve it?

 

Thanks?

0 Helpful
Customers Also Viewed These Support Documents