hi All,

Need some help with cisco 3850, we are seeing a bunch of MAC addresses on a single port that have one IP phone and a desktop connected to it. We have a port security maximum 4 configured and for testing we have increased it to 10 and it still hiting the maximum Mac address, and making the port go to err-disabled state.   I have tried looking into the other random MAC addresses and found that its a valid MAC address from another port on the same switch or from port from other switches but all from the same VLAN.

We have tried bypassing the IP phone but to no avail.

And we are having same issue on serveral ports where a desktop is connected.

Here is the port config:

interface GigabitEthernet2/0/16
 switchport access vlan 112
 switchport mode access
 switchport voice vlan 184
 switchport port-security maximum 10
 switchport port-security aging time 2
 switchport port-security aging type inactivity
 switchport port-security

from show log:

Feb 20 12:59:50.302 : %PM-4-ERR_DISABLE: psecure-violation error detected on Gi2/0/16, putting Gi2/0/16 in err-disable state
Feb 20 12:59:50.306 : %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 0050.b670.0b74 on port GigabitEthernet2/0/16.

Thanks in advance!!!