Hi Nathan Smith

GodisLord · ‎11-29-2016

This is my first post so I hope to do this correctly.

Anyway, I am messing with port-security on 3750 ((C3750-IPBASEK9-M), Version 12.2(55)SE9) stacks as well as a 3550 ((C3550-IPBASEK9-M), Version 12.2(44)SE6) in my office for testing. I am having an issue with the aging timers working like I think they should. It is my understanding that you can have the following port-security settings and after two minutes (just a number I picked) it should clear the Mac-address and let another device with a different Mac-address connect. Will the current mac-address disapear from the interface as well?

switchport access vlan 517
switchport mode access
switchport voice vlan 617
switchport port-security
switchport port-security aging time 2
switchport port-security violation restrict
switchport port-security aging type inactivity
switchport port-security mac-address sticky
switchport port-security aging static
switchport port-security mac-address sticky 0001.8068.d79d
spanning-tree portfast

GodisLord · ‎11-29-2016

When I unplug the first device that has the mac-address listed in the config above and wait for two minutes and try to plug in another device it will not let the second device connect.

panyapon.whaiprom · ‎01-23-2017

Hi Nathan Smith

i found situation like you, i don't know why interface run mac-address sticky is not clear mac address itself and refresh mac-address sticky when aging time set after unplug device.

Port-Security aging timer not working

Port-Security - Configuração Básica

[原创]port-security特性演示

【原创】思科交换机Port Security测试

Port-Security Not Working Properly

Port-Security Aging Timers absolute vs inactive