cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Community Helping Community

287
Views
0
Helpful
4
Replies
Highlighted
Beginner

Port Security Issue

Hi all.

 

We recently implemented port security on almost all of our access catalyst 2960-x switches, but are encountering some issues whereby if USER1 uses his laptop on a configured port-security port, he will be able to access internet (or any network resources) compared to if he uses his laptop on a different non-configured port-security switch whereby he wont be able to access any network resources (even ping fails) unless, port-security is turned off from his original access switch

 

Note:

1. Switches are trunked together

2. Access vlan is 1

 

Running-Config (Port Security Switch):

SW-01-SEC#sh run int gig1/0/1
Building configuration...

Current configuration : 265 bytes
!
interface GigabitEthernet1/0/1
 switchport mode access
 switchport voice vlan 100
 switchport port-security maximum 2
 switchport port-security
 switchport port-security mac-address sticky
 mls qos trust cos
 spanning-tree portfast

 

 

Running-Config (Non Port-Security Switch):

 interface GigabitEthernet1/0/37
 switchport voice vlan 100
 mls qos trust cos
 spanning-tree portfast

 

 

Can anyone assist as to why this issue is happening?

 

 

Everyone's tags (2)
4 REPLIES 4
VIP Advisor

Re: Port Security Issue

Hi

I have not faced this issue before but you could try appling aging time under each interface with port security

 

switchport port-security aging type inactivity

switchport port-security aging time <aging time in minutes>

 

It will remove the inactive mac address into a specific time. 

 

show port-security interface <interface> ; in order to see how it is applied. 

 

Hope it is useful

:-)

Beginner

Re: Port Security Issue

Hi Julio,

 

Thank you for your prompt reply. Unfortunately, this is not a viable solution as it will defeat the whole purpose of access control.

 

Is there any other solution you can think of that will do the trick?

VIP Advocate

Re: Port Security Issue

Hi,

I am not sure, but theoretically, I can understand that maybe will face issue with port security with sticky. Please convert to dynamic. 

 

Regards,

Deepak Kumar

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution If this comment will make help you!
Beginner

Re: Port Security Issue

Unfortunately, configuring static entry did not resolve the issue.

CreatePlease to create content
Content for Community-Ad