cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
16076
Views
20
Helpful
6
Replies

SG-300 port lock by bpduguard not visible in webGUI ?

guilty_2
Level 1
Level 1

Hi,

we are starting to replace low budget hubs by the SG-300's.

On the accessports we use BPDUguard and mac security (max 1 user per port).

The newest firmware is used (1.1.2.0).

When i lock a port intentionally by connecting e.g. ports 4 and 5 together (something that happens

quite frequently by user-faillure) i do not see this in the WEB gui.

The CLI does tell me that the port is locked:

gi4      1G-Copper      --      --     --     --  Down*          --     --

*: The interface was suspended by the system.

In the webGUI i can reset the port, but in the CLI i don't get how i should do this. I tried a 'shutdown' followed by a ' no shutdown' on

CLI interface level, but that does not lift the suspension state.

Questions:

- Does anyone know if you can lift the suspension state using the CLI ?

- Is there a way to see the lockdown in the webGUI ?

6 Replies 6

rmanthey
Level 4
Level 4

Hello Rob,

  • Enable Fastethernet5
    • •–        switch#set interface active Fastethernet5
    • •–        switch#show mac-address-table
    • •–        switch#show interfaces status

Now remember If the port is still in violation of the Port Security settings then the port will never go active untill you disable port security on that port, change the settings on the port, or remove the device that is causing the security violation.

Cisco Small Business Support Center

Randy Manthey

CCNA, CCNA - Security

Hi Randy,

thanks for your reply. Now we at least can see the violation -and- lift it in the same interface (CLI).

Do you by any chance also know if the webGUI has a place *where* you can see the port is blocked ?

Rob, Randy,

Can you explicit to me how (in CLI) do you lift the violation ? I just had the case and the only thing I did was rebooting the switch, I did not found any other way (no clearing, shut/unshut the interface, disable bpduguard, etc did anything, the interface was still stuck in "suspended by the system"...)

Hi Arnaud,

The command below will lift the violation in CLI:

switch# set interface active gi1

Best,

David

Please rate helpful posts.

Dear,

 

set interface active gi1

this command is working fine.

but i want to know is this port automatically block again or permanently active this port.

 

Nazim Uddin

 

ZawMinHtut06667
Level 1
Level 1

ZawMinHtut06667_0-1661779537703.png

 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Switch products supported in this community
Cisco Business Product Family
  • CBS110
  • CBS220
  • CBS250
  • CBS350
Cisco Switching Product Family
  • 110
  • 200
  • 220
  • 250
  • 300
  • 350
  • 350X
  • 550X