An incorrect switchport mode configuration causes the inability to configure port security on a switch in the Catalyst 2950 or 3550 series.
A port on a Catalyst 2950 or 3550 model must first be configured as an access port in order to configure port security. Set the interface mode as access by issuing the interface configuration switchport modeaccess command. An interface in the default mode (dynamic desirable) cannot be configured as a secure port.
These are some other guidelines for configuring port security:
Port security can only be configured on static access ports.
A secure port cannot be a dynamic access port or a trunk port.
A secure port cannot be a destination port for Switch Port Analyzer (SPAN).
A secure port cannot belong to an EtherChannel port group.
A secure port cannot be an 802.1X port.
You cannot configure static secure MAC addresses in the voice VLAN.
When you enable port security on a voice VLAN port, you must set the maximum allowed secure addresses on the port to at least two. When the port is connected to a Cisco IP phone, the IP phone requires two MAC addresses: one for the access VLAN and the other for the voice VLAN. Connecting a PC to the IP phone requires additional MAC addresses.
When port security is enabled on a port, the secure addresses on the port are deleted only if they are inactive for the specified aging time.You can issue the port security aging or switchport port-security aging time command to set the aging time for all dynamic and static secure addresses on a port.
Hi, doing a school project with Cisco Packet Tracer. For some odd reason, I am unable to ping my PT servers despite having implemented OSPF in my 3 routers. Only HQ and Branch can ping the HQ & Branch Servers and Internet User and ISP can ping Web Ser...
Now, I'm a sysadmin. I believe in DevOps, love to automate. I've been relying on Cisco for almost two decades for what I've seen as simple networking - and in the last 10 years that just probably means "predictable", or something I'm used to. It works. I'...
Hey Guys,going to Upgrade the IOS Version on a bunch of Cisco ME-3600X Switches soon.They haven't been upgraded in a while, so I just wanted to ask for some experience in the field.Will be going from 15.4(3)S2 to 15.6(2)SP8.The fact that two ima...
Hi, I have a Cisco ASR 9010 Router and I want to configure BGP BlackHole.I want to know about the syntax that is needed to be applied in order to do this, because I am having some issues regarding BH application in IOS XR.Lets say that I want to appl...