Hi, i have a strange problem in my campus network.im trying to run port security on my access switches which they are 3550 with ios
c3550-ipservicesk9-mz.122-52.SE when i run the port security with Sticky option, even i put 1000 mac address for just learning on the port but when i issue the switchport port-security command every pc connected to that port loses its connection with network UNTIL i enable dhcp snooping!!! all my client are getting they ip address from DHCP server but strange thing is that how on earth i have to enable DHCP snooping to port security work properly? also when i check the configuration under the interface when dhcp snooping is not yet enabled switch doesnt add any mac address under the interface so no one can work until i enable snooping and then switch adds mac addresses under the interface configuration.is this Bug on this version of IOS???? please help me i dont know what is wrong.... thanks in advance
this is configuration of a port that my clients are attached to:
I don't think you need to enable dhcp snooping for port-security to work. I have switches where I only have port-security enabled and work just fine. what is the error log show when pcs loose connectivity? And I assume ports with port-security enabled have only PCs/phone connected to it?
Hi, thank you guys for your reply's, i have to mention that fast 0/24 connects to 20 to 30 pc and i just put 1000 mac address in the configuration just for testing even i know there is not that much users on that port. about show port-security output i have to say when my PC's are disconnected because of enabling the port sec i checked the out put and switch shows nothnig violated and shows that every thing is ok(port sec status). i have to mention that the even i have configured 1000 mac, port security cant see any mac address from users to put under the port 0/24 when DHCP snooping is disabled BUT when i enable DHCP snooping then my port sec works and switch puts learned mac address's under the port 0/24... i think problem is Switch cant learn mac addresses to put them in port sec learned mac database because my dhcp snooping is not enabled!!!! i haven't seen this kind of problem in my entire life!! what do you suggest ?? thanks