Interface coming back up after port security violation.

jdjoseph1977
Level 1

Here is the config on the particular port.

interface GigabitEthernet2/0/44
 switchport access vlan 20
 switchport mode access
 switchport port-security maximum 5
 switchport port-security mac-address sticky
 switchport port-security mac-address sticky 1803.73db.98e4
 switchport port-security mac-address sticky 507b.9d3b.bfdb
 switchport port-security mac-address sticky 7446.a096.e4ea
 switchport port-security mac-address sticky a048.1c96.7561
 switchport port-security mac-address sticky f0de.f15e.04ae
 switchport port-security
 spanning-tree portfast
end

This is a small pocket hub that IT uses to reimage desktops. When it gets full I will go in and clear the port of the sticky addresses.

My question is... When he plugs in a new device taking the MAC count to 6, the interface shuts down, which is great. But when he unplugs the violating MAC address the switch comes back up. WHY IS THAT? I thought port security violations have to be cleared manually.


Marvin Rhoads
Hall of Fame

A port-security violation puts the interface into err-disable state.

If err-disable recovery is enabled globally, the interface will recover after the configured time period (300 seconds by default when it's enabled).

Use "show errdisable recovery" to verify.

Reference: http://www.cisco.com/c/en/us/support/docs/lan-switching/spanning-tree-protocol/69980-errdisable-recovery.html#anc10
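
One way to act on the "show errdisable recovery" check from the reply above, as an added example that is not part of the original thread: a Python audit that flags when port-security shutdowns will clear themselves. The sample output is constructed (modelled on the command's usual layout, which can differ by platform and release) and the function names are hypothetical.

```python
import re

# Constructed sample modelled on "show errdisable recovery" output; it was not
# captured from the poster's switch. Only the interface name comes from the thread.
SAMPLE = """\
ErrDisable Reason            Timer Status
-----------------            --------------
bpduguard                    Disabled
psecure-violation            Enabled

Timer interval: 300 seconds

Interfaces that will be enabled at the next timeout:

Interface       Errdisable reason       Time left(sec)
---------       -----------------       --------------
Gi2/0/44        psecure-violation       212
"""

def parse_errdisable_recovery(text):
    """Return (causes, interval_seconds, pending) parsed from the command output."""
    causes, pending, interval = {}, [], None
    for line in text.splitlines():
        line = line.strip()
        m = re.fullmatch(r"(\S+)\s+(Enabled|Disabled)", line)
        if m:  # per-cause recovery timer status
            causes[m.group(1)] = (m.group(2) == "Enabled")
            continue
        m = re.fullmatch(r"Timer interval:\s*(\d+)\s*seconds", line)
        if m:  # global recovery interval
            interval = int(m.group(1))
            continue
        m = re.fullmatch(r"(\S+)\s+(\S+)\s+(\d+)", line)
        if m:  # interface currently waiting on the recovery timer
            pending.append((m.group(1), m.group(2), int(m.group(3))))
    return causes, interval, pending

def audit_port_security(text):
    """List findings where a port-security shutdown clears without an operator."""
    causes, interval, pending = parse_errdisable_recovery(text)
    findings = []
    if causes.get("psecure-violation"):
        findings.append(f"psecure-violation auto-recovers after {interval}s")
    for intf, reason, left in pending:
        if reason == "psecure-violation":
            findings.append(f"{intf} re-enables in {left}s without operator action")
    return findings

if __name__ == "__main__":
    print("\n".join(audit_port_security(SAMPLE)))
```

If the audit reports a finding and manual clearing is the intended behaviour, the global command `no errdisable recovery cause psecure-violation` turns the recovery timer off for that cause.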
