cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2072
Views
5
Helpful
2
Replies
Highlighted
Participant

%AUTHMGR-5-SECURITY_VIOLATION: Security violation on the interface GigabitEthernet0/9 new MAC address (900a.a006.2d00) is seen.AuditSessionID Unassigned

We have dot1x/mab up and running and seem to have an odd issue that puts the port into an error state. We've set the port to auto-recover after 60s which it does and then runs for quite a while and then errors out again at different intervals.

Log shows:

%AUTHMGR-5-SECURITY_VIOLATION: Security violation on the interface GigabitEthernet0/9  new MAC address (900a.a006.2d00) is seen.AuditSessionID  Unassigned


even though it's the same phone/pc on the port. The switch is an old 3560G running 15.0.10 which we are using for testing prior to putting dot1x/mab into production.

Any idea of what could be causing this to happen?

Everyone's tags (1)
2 REPLIES 2
Cisco Employee

Re: %AUTHMGR-5-SECURITY_VIOLATION: Security violation on the interface GigabitEthernet0/9 new MAC address (900a.a006.2d00) is seen.AuditSessionID Unassigned

Please reference our universal switch configuration guide and compare it to your test switch. If you configuration is similar and you still run into issues, please contact the TAC to troubleshoot further.

Regards,
Tim

Re: %AUTHMGR-5-SECURITY_VIOLATION: Security violation on the interface GigabitEthernet0/9 new MAC address (900a.a006.2d00) is seen.AuditSessionID Unassigned

Hi,

Please check port security is enabled on the interface or not.port security won’t play well with 802.1x as both are l2 security.

You can refer the below document https://community.cisco.com/t5/security-documents/top-ten-mis-configured-cisco-ios-switch-settings-for-ise/ta-p/3643912#toc-hId--1079758048

 

 

-Aravind