11-20-2019 11:15 AM
How can we disable Port Security on SG switches?
adTHANKSvance!
11-20-2019 11:51 AM
Hello,
which switch model are you talking about ? On the 350/350X/550X, you go to Security --> Port Security and then deselect the 'Interface Status' to unlock the port (page 317 of the attached admin guide)...
https://www.cisco.com/c/dam/en/us/td/docs/switches/lan/csbms/350xg/admin_guide/AG_Tesla_350_550.pdf
11-20-2019 06:27 PM
I assume by "deselect the 'Interface Status' " you mean change a Locked port to Unlocked.
But what I mean by "Disable Port Security" is turn off Port Security for all ports, so no ports will be ever be Locked. I've tried every trick I can think of in the GUI. And from the CLI I've done...
no port security max
no port security mode
no port security
...for every interface, and still the ports are getting locked.
These are SG350 and SG300 switches.
Thanks!
08-26-2020 07:34 PM
Did you ever find the answer to this.. having the exact same issues with 7 recently deployed SG350-52P's -- unlock them all via GUI / Set to Unlock and random ports re-lock...
Did the same on each interface via CLI and they still re-locked...
Thanks
Brady
11-21-2019 04:07 AM
11-21-2019 04:43 AM
Hello,
odd indeed. What if you apply the 'no_desktop' smartport macro (page 191 of the attached guide) to the port ?
https://www.cisco.com/c/dam/en/us/td/docs/switches/lan/csbms/350xg/admin_guide/AG_Tesla_350_550.pdf
12-11-2020 02:56 PM
We've seen this a bunch. The port security is set to on by default, which was unexpected and problematic as a result, because it was blocking stuff all over the place.
However, even when we disabled port security in the GUI and through the command line, we're seeing ports continue to get locked up.
We're on our third support call to Cisco to see how we can get this fixed, because we just deployed these switches all over.
Allegedly firmware 2.5.5 and later will disable Smartport by default. We upgraded, but are still having issues.
12-23-2020 02:58 PM - edited 12-23-2020 02:58 PM
I have the same issue. No matter what i try the stupid switch randomly locks up ports and to make it worse it doesn't even show it's locked in the GUI. Cisco really made a mess of this switch series.
03-09-2021 09:22 AM
It seems the settings built into the macros for Smartports turns on port security and sets dynamic locking on the ports with several of the built-in macros. It appears the port security setting may not be looking at the dynamic hosts portion of the configuration. We can set 256 hosts, plug the same device in and at some point port security seems to lock the port anyway, thus rendering it useless.
This is definitely different behavior than we saw the earlier SG300 and SG500 series switches.
Has anyone developed a workaround that doesn't involve disabling Smartports entirely?
03-09-2021 09:27 AM - edited 03-09-2021 09:28 AM
It also appears when there is a bunch of LLDP, EEE, and/or possibly CDP traffic on the switch that it seems to get confused and just decides to lock some or all of the ports that have dynamic locking enabled.
09-22-2023 09:23 AM
Was this problem resolved, have the same problem?
12-12-2023 02:18 AM
Try this,select "Learning Mode: Classic Lock" for an interface , copy it and apply it to all interface.
For now it works for me
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide