Hi,
I am curious to find out why I face the following situation.
I have a customer who has two pfSense firewalls, and has set up CARP.
You know the configuration with the virtual IP, which stands for router redundancy.
On my side, I am using a Cisco Catalyst.
The customer's two pfSense firewalls are connected on 2 different ports.
Every time the customer loses one of the two routers, I get a port security violation.
%PORT_SECURITY-SP-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 0000.5e00.xxxx on port GigabitEthernet1/2
Config of the two switchports:
switchport
switchport access vlan xxx
switchport mode access
switchport port-security
switchport port-security maximum 700
switchport port-security aging time 120
switchport port-security violation restrict
switchport port-security aging type inactivity
no logging event link-status
storm-control broadcast level 10.00
no cdp enable
spanning-tree bpdufilter enable
spanning-tree bpduguard enable
end
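
A triage helper for the violation log above, added here as an example and not part of the original post: it parses PSECURE_VIOLATION lines and marks MACs in the 00:00:5e:00:01:xx range, which CARP and VRRP use for the virtual IP shared by redundant routers. The sample log lines, MAC values and function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample syslog lines (not from the original post); MACs and ports are made up.
SAMPLE_LOG = """\
%PORT_SECURITY-SP-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 0000.5e00.0101 on port GigabitEthernet1/2
%PORT_SECURITY-SP-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 0000.5e00.0102 on port GigabitEthernet1/2
%PORT_SECURITY-SP-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 0011.2233.4455 on port GigabitEthernet1/7
"""

# Matches the Cisco message format shown in the post (dotted-quad MAC, then port name).
VIOLATION = re.compile(
    r"PSECURE_VIOLATION: .*?MAC address "
    r"([0-9a-fA-F]{4}\.[0-9a-fA-F]{4}\.[0-9a-fA-F]{4}) on port (\S+)"
)

def virtual_router_id(mac):
    """Return the VHID/VRID if mac is 00:00:5e:00:01:xx (CARP / VRRP IPv4), else None."""
    digits = re.sub(r"[.:\-]", "", mac).lower()
    if len(digits) == 12 and digits.startswith("00005e0001"):
        return int(digits[10:], 16)  # last octet carries the virtual host ID
    return None

def triage(log_text):
    """Group violations by port and label each offending MAC."""
    report = defaultdict(list)
    for line in log_text.splitlines():
        m = VIOLATION.search(line)
        if not m:
            continue
        mac, port = m.group(1).lower(), m.group(2)
        vhid = virtual_router_id(mac)
        if vhid is not None:
            kind = f"virtual-router MAC (VHID {vhid})"
        else:
            kind = "ordinary host MAC"
        report[port].append((mac, kind))
    return dict(report)

if __name__ == "__main__":
    for port, hits in triage(SAMPLE_LOG).items():
        for mac, kind in hits:
            print(f"{port}: {mac} -> {kind}")
```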