Command rejected: Conflict with IPSG.

s.harvey1 · ‎01-27-2017

I have tried to change the Switch port mode on this interface as i have done for previous ones but i receive the below error -

MBA-Switch-05(config-if)#no switchport mode trunk
Command rejected: Conflict with IPSG.
Remove Static Source Binding before changing port mode.

nothing is patched in to this interface and config is -

MBA-Switch-05(config-if)#do show run int fa0/6
Building configuration...

Current configuration : 182 bytes
!
interface FastEthernet0/6
description spare
switchport mode trunk
carrier-delay 4
priority-queue out
mls qos trust cos
no snmp trap link-status
spanning-tree portfast
end

can anyone help please ? i am by no means an expert so ill apologize now in advance.

Cheers

Reza Sharifi · ‎01-27-2017

Have a look at this doc. You need to disable ip source guard.

IPSG is a security feature that restricts IP traffic on nonrouted, Layer 2 interfaces by filtering traffic based on the DHCP snooping binding database and on manually configured IP source bindings. You can use IP source guard to prevent traffic attacks if a host tries to use the IP address of its neighbor.

You can enable IP source guard when DHCP snooping is enabled on an untrusted interface. After IPSG is enabled on an interface, the switch blocks all IP traffic received on the interface except for DHCP packets allowed by DHCP snooping. A port access control list (ACL) is applied to the interface. The port ACL allows only IP traffic with a source IP address in the IP source binding table and denies all other traffic.

link;

http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750x_3560x/software/release/12-2_55_se/configuration/guide/3750xscg/swdhcp82.html

HTH