Port security error disabled

jmprats
Level 4

Hello, I have configured port security on each port with mac-address sticky.

Many ports are in the err-disabled state because they are detecting a mac-address security violation.

I'm sure the MAC addresses detected are not connected to those ports.

What could be happening?

Thanks

7 Replies

cofee
Level 5

If a MAC address is learned on a port that has mac-address sticky configured, and you then move that machine to another port on the same switch without clearing its MAC address from the previous port, it can go to err-disable state.

The other thing you can check is the limit on how many MAC addresses can be learned on the port that has port security configured before the security violation policy is triggered. I think by default it's 1 and can be raised.

I'm not moving any machine.

I limit to one MAC per port.

The mystery is that the switch is detecting on port 4 the MAC from port 6, so it is blocking port 4.

Can you run the following commands on port 4:

show port-security interface x

show port-security address xxxxx (replace x with the MAC of the device that's connected to port 6)

Also clear the sticky MAC addresses from both port 4 and 6; that should fix the issue.

I fixed the problem by clearing the sticky MAC address.

But some time later I have the same problem.

Please share port security configuration from both ports and also any logs related to port security violation. Do you have user desktops connected to these ports?

Output from this command as well:

show port-security interface x (port 4 and 6)

Norskdan
Level 1
Hello
I have the same issue: port-security violations caused by other MAC addresses from the VLAN being detected on interfaces (even if the PC with that MAC address is shut down). I have all interfaces on multiple switches in the same trunked VLAN logging up to 13000 violations so far. The violations occurred for 2 days, Thu-Sat, then stopped and started again on Monday at 19:30.
Did you get a resolution to your issue?
Has anyone else seen this behaviour?
I have changed my setting to restrict to remain up, but I suspect this to be a code error perhaps, but can't find anything specific so far.
I have a mix of Dell Force10 S4810 (yuk!), Cisco 6509E, 4507E.

Hello

Post the port-security configuration of your switch(es) please


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
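
The correlation the replies ask for (which port a violating MAC is sticky-bound to) can be scripted once the configuration and logs are collected. The following is an added example, not part of the original thread: it assumes the usual IOS `%PORT_SECURITY-2-PSECURE_VIOLATION` syslog wording and `switchport port-security mac-address sticky <mac>` config lines, and all MAC addresses, interface names and log lines in it are constructed sample data.

```python
import re

# Constructed sample input (not taken from the thread).
SAMPLE_CONFIG = """\
interface FastEthernet0/4
 switchport port-security
 switchport port-security mac-address sticky
 switchport port-security mac-address sticky 0011.2233.4404
interface FastEthernet0/6
 switchport port-security
 switchport port-security mac-address sticky
 switchport port-security mac-address sticky 0011.2233.4406
"""
SAMPLE_LOG = """\
%PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 0011.2233.4406 on port FastEthernet0/4.
%PM-4-ERR_DISABLE: psecure-violation error detected on Fa0/4, putting Fa0/4 in err-disable state
%PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 00aa.bbcc.dd01 on port FastEthernet0/6.
"""

STICKY = re.compile(r"mac-address sticky ([0-9a-f]{4}\.[0-9a-f]{4}\.[0-9a-f]{4})", re.I)
VIOLATION = re.compile(r"PSECURE_VIOLATION: .*MAC address ([0-9a-f.]{14}) on port (\S+?)\.?$", re.I)

def sticky_owners(config):
    """Map each sticky-learned MAC to the interface it is bound to."""
    owners, iface = {}, None
    for line in config.splitlines():
        if line.startswith("interface "):
            iface = line.split(None, 1)[1].strip()
        elif (m := STICKY.search(line)) and iface:
            owners[m.group(1).lower()] = iface
    return owners

def classify(log, owners):
    """Return (violating_port, mac, sticky_owner_port_or_None) per violation."""
    results = []
    for line in log.splitlines():
        if m := VIOLATION.search(line):
            mac, port = m.group(1).lower(), m.group(2)
            results.append((port, mac, owners.get(mac)))
    return results

if __name__ == "__main__":
    for port, mac, owner in classify(SAMPLE_LOG, sticky_owners(SAMPLE_CONFIG)):
        kind = f"sticky on {owner}" if owner else "not bound to any port"
        print(f"violation on {port}: {mac} ({kind})")
```

A violation whose MAC is sticky on another port of the same switch matches the situation described in the thread; a MAC bound nowhere is a different case (a new or unknown device).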