cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
758
Views
0
Helpful
4
Replies

Port Security Issue

Jose-Net
Level 1
Level 1

Hi all.

 

We recently implemented port security on almost all of our access catalyst 2960-x switches, but are encountering some issues whereby if USER1 uses his laptop on a configured port-security port, he will be able to access internet (or any network resources) compared to if he uses his laptop on a different non-configured port-security switch whereby he wont be able to access any network resources (even ping fails) unless, port-security is turned off from his original access switch

 

Note:

1. Switches are trunked together

2. Access vlan is 1

 

Running-Config (Port Security Switch):

SW-01-SEC#sh run int gig1/0/1
Building configuration...

Current configuration : 265 bytes
!
interface GigabitEthernet1/0/1
 switchport mode access
 switchport voice vlan 100
 switchport port-security maximum 2
 switchport port-security
 switchport port-security mac-address sticky
 mls qos trust cos
 spanning-tree portfast

 

 

Running-Config (Non Port-Security Switch):

 interface GigabitEthernet1/0/37
 switchport voice vlan 100
 mls qos trust cos
 spanning-tree portfast

 

 

Can anyone assist as to why this issue is happening?

 

 

4 Replies 4

Hi

I have not faced this issue before but you could try appling aging time under each interface with port security

 

switchport port-security aging type inactivity

switchport port-security aging time <aging time in minutes>

 

It will remove the inactive mac address into a specific time. 

 

show port-security interface <interface> ; in order to see how it is applied. 

 

Hope it is useful

:-)




>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<