cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
821
Views
0
Helpful
3
Replies

Port-Security Problem

Scahill07
Level 1
Level 1

Hello,

I'm having an issue with port-security on a cisco 2950 switch.

The port-security is setup to user sticky mac-addresses and was working just fine. Recently when a computer was changed out and I needed to clear the security on the port it wouldnt let me.

I would type clear port-security sticky int fa0/## and it would give me an error. The error would be that the sticky command doesn't exist.

So I went back and type clear port-security ? and the only option was dynamic. Even if I try to take the port security off the switch it wont let me, it never shows the option for sticky.

If I change the maximum number of mac-addresses allow the computer will work, but I can never clear the old addresses out.

Does anyone know how to resolve this issue?

3 Replies 3

Do you have already try these:

To delete a dynamic secure MAC address from the address table, use the clear port-security dynamic address mac-addr privileged EXEC command.

To delete all the dynamic addresses on an interface, use the clear port-security dynamic interface interface-id privileged EXEC command.

To delete sticky secure MAC addresses from the address table, disable sticky learning, which converts the sticky secure MAC addresses to dynamic secure addresses. Use the no switchport port-security mac-address sticky interface configuration command. Delete dynamic secure addresses on an interface by using the clear port-security dynamic interface interface-id privileged EXEC command.

To delete a dynamic secure MAC address, use the clear port-security dynamic address mac-addr privileged EXEC command.

Regards.

The problem is I cant delete sticky learning. The switch doesn't recognize the command  no switchport port-security mac-address sticky. If I put in a ? instead of sticky at the end, the only option is shows is dynamic.

Hi Brian,

what does the interface-config look like?

I assume there is a line like

switchport port-security mac-address sticky xxxx.xxxx.xxxx

where "xxxx.xxxx.xxxx" is the MAC-address of the device you want to remove.

Delete this line with the "no" form of the entire command, this should work.

Hope that helps

Rolf

Review Cisco Networking for a $25 gift card