Switch por-security - - - Security Violation Count

valebaf88 · ‎04-26-2015

I have some question with a device cisco 3400 metroaccess.

In a interface i have this config.

3400_METROACESS#sh run int g0/1
Building configuration...

Current configuration : 449 bytes
!
interface GigabitEthernet0/1
description
switchport access vlan 192
switchport port-security
switchport port-security violation restrict
bandwidth 800000
load-interval 30
media-type rj45
speed 1000
duplex full
mac access-group Block-Invalid-ERS-Frames in
service-policy input 800M
service-policy output LIMIT_QQ1
end

3400_METROACESS#sh port-security int g0/1
Port Security              : Enabled
Port Status                : Secure-up
Violation Mode             : Restrict
Aging Time                 : 0 mins
Aging Type                 : Absolute
SecureStatic Address Aging : Disabled
Maximum MAC Addresses      : 5
Total MAC Addresses        : 2
Configured MAC Addresses   : 0
Sticky MAC Addresses       : 0
Last Source Address:Vlan   : XXXX.XXXX.XXXX:192
Security Violation Count   : 3515----------------------------------------->what is the default parameter or the petitions permited, for the security violation take the action mode.

I have many logs from the int g0/1

Apr 23 16:08:37: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address XXXX.XXXX.XXXX on port GigabitEthernet0/1.

Thanks you for your help.

Best Regards!!

tfidriss1 · ‎04-26-2015

The default (initial) count is 0, the number increases everything there is a violation.

you can reinitialize (clear) that counter by using the command : clear port-security all int g 0/1