cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
404
Views
0
Helpful
3
Replies

Get err-disable for some NAC ports

Mahmoud Marie
Level 1
Level 1

Hello, 

We used ARUBA CPPM as NAC authentication for our Cisco switches (9200, 2960) but we have an issue that some users get err-disabled after a while as the below log:

10638546: Jan 11 08:04:26: %AUTHMGR-5-SECURITY_VIOLATION: Security violation on the interface FastEthernet0/28, new MAC address (0001.b18f.3a65) is seen.AuditSessionID Unassigned
10638547: Jan 11 08:04:26: %PM-4-ERR_DISABLE: security-violation error detected on Fa0/28, putting Fa0/28 in err-disable state

Any help please

Thanks

3 Replies 3

Reza Sharifi
Hall of Fame
Hall of Fame

Hi,

There appears to be a security violation at that port. Make sure there is no switch or hub with multiple devices connected to port 0/28.

HTH

 

Hi Reza,

Thank you for your reply

The port connected to Cisco phone and the PC connected to the Phone. 

Thanks

Hello,

can you post the configuration of one of the ports that generates the error ?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco