12-23-2016 08:09 AM - edited 03-08-2019 08:41 AM
I'm removing port-security from our environment, and I have one port on two different switches that I cannot remove switchport port-security maximum. Both likely have a phone with pc attached to it (standard deployment).
Everytime I try to remove it on those two ports i get: Maximum is less than number of currently secured mac-addresses
switch(config)#int g1/0/7
switch(config-if)#no switchport port-security max
Maximum is less than number of currently secured mac-addresses.
switch#show port-security int g1/0/7
Port Security : Disabled
Port Status : Secure-shutdown
Violation Mode : Shutdown
Aging Time : 0 mins
Aging Type : Absolute
SecureStatic Address Aging : Disabled
Maximum MAC Addresses : 3
Total MAC Addresses : 2
Configured MAC Addresses : 0
Sticky MAC Addresses : 0
Last Source Address:Vlan : d478.56b6.f590:672
Security Violation Count : 1
All port-security has been dynamic, nothing static. I've shut down the port and tried to remove it, i've tried clearing mac address, clearing port-security, defaulting the interface (which clears out everything except that line), pretty much everything short of rebooting the switch, which I'm guessing would resolve the issue.
Anyone seen this?