06-23-2010 04:29 AM - edited 03-06-2019 11:43 AM
Hi.
We are testing port-security in Cat4510+Sup6E with ip phone switch ports (7911 ip phones).We are trying with the following configuration:
interface GigabitEthernet4/35
description Usuario
switchport access vlan 251
switchport mode access
switchport voice vlan 261
switchport port-security maximum 3
switchport port-security maximum 2 vlan access
switchport port-security maximum 1 vlan voice
switchport port-security
switchport port-security violation restrict
no logging event link-status
load-interval 60
no snmp trap link-status
spanning-tree portfast
spanning-tree bpduguard enable
service-policy output pm_trusted
vlan-range 251
service-policy input pm_accesodat
vlan-range 261
service-policy input pm_accesovoz
If we connect ip phone to switchport, ip phone works fine, but if we connect PC belonging to ip phone, a security-violation occurs and port is shutted down and Ip phone and PC doesn´t works. We have tried only with "switchport port-security maximum 3", and fixing maximum mac addres for voice and data vlans (1 and 2. but it doesn´t work. Taking a view to switch log when we connect pc to ip phone:
090543: Jun 23 13:08:52 CEST: %AUTHMGR-5-SECURITY_VIOLATION: Security violation on the interface Gi4/35, new MAC address (001c.c0e4.c9f4) is seen.
090544: Jun 23 13:08:52 CEST: %AUTHMGR-5-SECURITY_VIOLATION: Security violation on the interface GigabitEthernet4/35, new MAC address (001c.c0e4.c9f4) is seen.
090545: Jun 23 13:08:52 CEST: %PM-4-ERR_DISABLE: security-violation error detected on Gi4/35, putting Gi4/35 in err-disable state
090546: 147038: .Jun 23 13:08:52 CEST: %PM-4-ERR_DISABLE: STANDBY:security-violation error detected on Gi4/35, putting Gi4/35 in err-disable state
001c.c0e4.c9f4 is pc mac address.
Can you help us to troubleshoot what is happening?
Thanks
I think security-violation occurs because switc