cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
252
Views
0
Helpful
3
Replies
Highlighted
Beginner

Cisco 3850 Port Security

Hello

I have a Cisco 3850 that has desktops and printers port secured by MAC address, I need to replace the desktops and printers.

What commands can I use for no port security, then replace the desktops and printers, then port secure by the new MAC adresse's?

Thank you
14944A

3 REPLIES 3
Highlighted
Rising star
Rising star

Re: Cisco 3850 Port Security

Hi

I would first do

show run [interface interface_id]

show port-security [interface interface_id]

to see how port-security is already configured. It's important to note what is already configured .. sticky, max, violation, secure addresses ..  

have a look at this document - 

https://www.cisco.com/en/US/docs/switches/lan/catalyst3850/software/release/3.2_0_se/multibook/configuration_guide/b_consolidated_config_guide_3850_chapter_011111.html#concept_AF4C225785F24B95A1052052BC6CD195

 

no switchport port-security to return the interface to the default condition as not a secure port

change the mac-address in the interface config and copy/paste

 

hope this helps 

 

 

Highlighted
Beginner

Re: Cisco 3850 Port Security

Close this, I was expecting an more mature answer I found at another site, come on guys!

 

Remove Old MAC Address

no switchport port-security

no switchport port-security mac-address sticky

no switchport port-security mac-address sticky 0023.044b.75b0 (Current MAC)

 

Add New MAC Address

 switchport port-security

 switchport port-security mac-address sticky

 switchport port-security mac-address sticky 0023.044b.75b0 (Whatever new MAC)

Highlighted
Collaborator

Re: Cisco 3850 Port Security

Hi,

 

   If you have not configured static or sticky MAC addresses, there is nothing to be done, just connect your new devices and the switch will learn the new "secure" MAC addresses. However, if you have used static, you would have to remove those MAC address from each port configuration, and manually configure the new ones; if you used sticky, shutdown the port, remove the sticky MAC addresses, connect the new devices, and reactive the port.

 

Regards,

Cristian Matei.