cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1127
Views
0
Helpful
3
Replies

MAC address registering on different port

Jason Lamping
Level 1
Level 1

I am having an issue where MAC addresses from my user PC's are registering on different ports than the ones they are plugged in to.  I have my PC's plugged in to my Cisco phones (most of which are 7941's), and then patched back to my switch, (4507 or 4006).  The issue is that a user will be working fine, they will have both their PC and Phone MAC's registered on the correct prot and then with out intervention the PC MAC addresses will register itself with another physical port and the user will pull a 169.x.x.x address and have not access to the network.  This is happening to multiple users all of which are hardwired.  Port security is configured to allow 3 MAC's, obviously if I change that to 2 it will not allow an incorrect MAC's to register with that port, but I would like to know why this is happening.  Both the 4507 and 4006 have been up for 1 year and 33 weeks.  The fix has been to find out where their MAC has registered it self, unplugg that PC from the phone, and let the port security aging time (2min) clear all MAC's from the port.  This, as you can imagine is a pain to administer, painful for the useres, and pretty emabarassing our team.  Any help is greatly appreciated.

3 Replies 3

Gregory Snipes
Level 4
Level 4

If I understand what you have stated above, you are saying that the PC stays connected to the phone the entire time and does not move, but the MAC address will randomly shift to another port. Is this correct? If so, where is the other port, is it on the same switch or a different switch? What does this other port connect to? If the MAC moves, and you have port security, does the port they are currently connected to produce a violation condition?

Additionaly, are you configuring all of the port security MAC limits as one big pool (switchport port-security maximum 3), or are you deviding it up between the voice and access VLANs (switchport port-security maximum 1 vlan voice, switchport port-security maximum 2 vlan access)?

Yes the PC stays connected to the phone the entire time, and yes the MAC address radomally moves to another port, the other port is always another user port on the same switch.  We have port secuirty set to 3, so if there are only 2 MACs associated the MAC will regsiter with that port, if there are 3 MACs registered already, I will get a port-security violation.  Port security is set to one pool, 3 MAC's regardless of type.

Review Cisco Networking for a $25 gift card