An incorrect switchport mode configuration causes the inability to configure port security on a switch in the Catalyst 2950 or 3550 series.
A port on a Catalyst 2950 or 3550 model must first be configured as an access port in order to configure port security. Set the interface mode as access by issuing the interface configuration switchport modeaccess command. An interface in the default mode (dynamic desirable) cannot be configured as a secure port.
These are some other guidelines for configuring port security:
Port security can only be configured on static access ports.
A secure port cannot be a dynamic access port or a trunk port.
A secure port cannot be a destination port for Switch Port Analyzer (SPAN).
A secure port cannot belong to an EtherChannel port group.
A secure port cannot be an 802.1X port.
You cannot configure static secure MAC addresses in the voice VLAN.
When you enable port security on a voice VLAN port, you must set the maximum allowed secure addresses on the port to at least two. When the port is connected to a Cisco IP phone, the IP phone requires two MAC addresses: one for the access VLAN and the other for the voice VLAN. Connecting a PC to the IP phone requires additional MAC addresses.
When port security is enabled on a port, the secure addresses on the port are deleted only if they are inactive for the specified aging time.You can issue the port security aging or switchport port-security aging time command to set the aging time for all dynamic and static secure addresses on a port.
I have a question.I have a Switch 3650 with the firmware 16.3.6.its Port 48 is connected to an AP ,after some time[could be months ] start to drop the packet.but this problem is only with this interface. if i connect the AP to another port of switch ...
Trying to import a list of c360 devices after upgrading; file is accepted by import process, but the import job fails with no reason given in the detail screen. Can anyone point me at where to start troubleshooting this please?
HiI configured flexible netflow on cat6k with sup2t and I was wondering whether eigrp is considered as flows ? Actually I configured netflow on an interface that is part of a p2p link where EIGRP is running. I'm a bit surprised to not get the eigrp hello ...
hi,I have few routers (1841, 1941, 3825, 3925 and new 4k).I managed them from inside interface and to do that I have this configuration :access-list 1 permit a.b.c.dsnmp-server community xxxxx RO 1 that works well. But in scanning all udp ports ...
I have 2 WS-C3850-48T on the stack with C3850-NM-4-10G.My goal is to do Channel-Port with 4 Port 10G to have 40G on the Link.can this Work ??? this module support 40G without a license or anything ?? Best Regards.