Port shutdown due to port security?

elsa.yu01
Level 1

I set port security on one port; about 3 minutes after I applied this config, the port shut down. But I checked my configuration, and the MAC address is correct.

What would cause this to happen? Can somebody help me check this? Thank you!

2015 Aug 19 13:41:50 GMT +08:00 %SECURITY-1-PORTSHUTDOWN:Port 3/48 shutdown due to security violation 00-14-22-2b-44-c3

show port 3/48

Port  Num-Addr Secure-Src-Addr     Vlan Age-Left Shutdown/Time-Left
----- -------- -----------------   ---- -------- ------------------
 3/48        1 00-14-22-2b-44-c3 *   44        -       no         -

6 Replies

Aztec_
Level 1

Hello Elsa, can you post the complete running configuration for port 3/48?

What device is 3/48 connected to?

Hi Tommy,

You can see the detailed information in my captures. Port 3/48 connects to a tool. Recently they replaced the computer of this tool. After they replaced it, I enabled port security again. As I mentioned, a few minutes after I enabled port security, the port shut down. I don't know whether it was caused by my operation or not.

Looking at "2015 Aug 19 13:41:50 GMT +08:00 %SECURITY-1-PORTSHUTDOWN:Port 3/48 shutdown due to security violation 00-14-22-2b-44-c3" in your first post, I think you need to check your port security.

1. How do you configure the MAC address? Static / sticky / dynamic?

2. By saying "tool", you mean 3/48 is not connected to an end device, am I correct? What kind of tool?

I see 2 VLANs on the screen capture, 44 & 312. And only 1 MAC allowed on this port.

If I were you, I'd disable port security for about 1 or 5 minutes, then see how many MACs are learned through that port; after that I'd re-adjust the port-security configuration.

1. set port security 3/48 enable age 0 max 1 shutdown 0 unicast-flood enable violation shutdown (it's CatOS)

2. It's a tool in the fab. I'm not familiar with it. I only know the tool has a computer to control it. And we use the MAC of the computer to configure port security.

44, 312: this is a private VLAN.

I am confused: the MAC in the log is the same as the configured MAC address, so why can this happen? Normally it is when they are not the same that a shutdown is caused, right?

Well, it's supposed to work like you said. I'm still curious how many actual MACs are going through that port. Have you removed port security completely before showing the CAM table?

Anyway, does "age 0" in the command mean no limit? I'm not familiar with CatOS, but referring to this page, it can be configured without an aging time.

And when I run show cam dynamic 3/48, there is no MAC address.

* = Static Entry. + = Permanent Entry. # = System Entry. R = Router Entry.
X = Port Security Entry $ = Dot1x Security Entry M = Mac-Auth-Bypass Entry

                                               Destination Ports or
VLAN  Dest MAC/Route Des    [CoS]     Age      VCs / [Protocol Type]
----  ------------------    -----  ----------  ---------------------
Total Matching CAM Entries Displayed = 0
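
The comparison discussed in this thread (violating MAC in the log versus the secure address on the port) can be scripted. This is an added example, not part of the original posts: the second log line and second table row are constructed, and the function names and verdict labels are hypothetical.

```python
import re

# Sample input: the first log line and first table row are quoted from the thread;
# the second of each is constructed (documentation-range MACs) to show a mismatch.
SYSLOG = """\
2015 Aug 19 13:41:50 GMT +08:00 %SECURITY-1-PORTSHUTDOWN:Port 3/48 shutdown due to security violation 00-14-22-2b-44-c3
2015 Aug 19 13:52:07 GMT +08:00 %SECURITY-1-PORTSHUTDOWN:Port 3/47 shutdown due to security violation 00-00-5e-00-53-99
"""
SHOW_PORT = """\
Port  Num-Addr Secure-Src-Addr     Vlan Age-Left Shutdown/Time-Left
----- -------- -----------------   ---- -------- ------------------
 3/48        1 00-14-22-2b-44-c3 *   44        -       no         -
 3/47        1 00-00-5E-00-53-01     44        -       no         -
"""

MAC = r"((?:[0-9a-f]{2}-){5}[0-9a-f]{2})"
EVENT_RE = re.compile(
    r"%SECURITY-1-PORTSHUTDOWN:Port (\d+/\d+) shutdown due to security violation " + MAC,
    re.I)
# A table row starts with mod/port, then the address count, then the secure MAC.
ROW_RE = re.compile(r"^\s*(\d+/\d+)\s+\d+\s+" + MAC, re.I | re.M)

def norm(mac):
    """Lower-case and strip separators so differently formatted MACs compare equal."""
    return re.sub(r"[^0-9a-f]", "", mac.lower())

def secure_addrs(show_output):
    """Map port -> set of normalized secure addresses from the table."""
    table = {}
    for port, mac in ROW_RE.findall(show_output):
        table.setdefault(port, set()).add(norm(mac))
    return table

def triage(syslog, show_output):
    """Classify each PORTSHUTDOWN event against the port's secure addresses."""
    table = secure_addrs(show_output)
    results = []
    for port, mac in EVENT_RE.findall(syslog):
        allowed = table.get(port)
        if allowed is None:
            verdict = "no-secure-entry"          # port not in the table at all
        elif norm(mac) in allowed:
            verdict = "violator-is-secure-mac"   # the case reported in this thread
        else:
            verdict = "unknown-mac"              # address differs from the secured one
        results.append((port, mac.lower(), verdict))
    return results

if __name__ == "__main__":
    for row in triage(SYSLOG, SHOW_PORT):
        print(*row)
```

A `violator-is-secure-mac` verdict means the configured address already matches the logged one, so the address comparison alone does not explain the shutdown.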