06-06-2013 09:52 AM - edited 03-07-2019 01:45 PM
Hello,
I'm having an issue with port-security on a cisco 2950 switch.
The port-security is setup to user sticky mac-addresses and was working just fine. Recently when a computer was changed out and I needed to clear the security on the port it wouldnt let me.
I would type clear port-security sticky int fa0/## and it would give me an error. The error would be that the sticky command doesn't exist.
So I went back and type clear port-security ? and the only option was dynamic. Even if I try to take the port security off the switch it wont let me, it never shows the option for sticky.
If I change the maximum number of mac-addresses allow the computer will work, but I can never clear the old addresses out.
Does anyone know how to resolve this issue?
06-06-2013 10:41 AM
Do you have already try these:
To delete a dynamic secure MAC address from the address table, use the clear port-security dynamic address mac-addr privileged EXEC command.
To delete all the dynamic addresses on an interface, use the clear port-security dynamic interface interface-id privileged EXEC command.
To delete sticky secure MAC addresses from the address table, disable sticky learning, which converts the sticky secure MAC addresses to dynamic secure addresses. Use the no switchport port-security mac-address sticky interface configuration command. Delete dynamic secure addresses on an interface by using the clear port-security dynamic interface interface-id privileged EXEC command.
To delete a dynamic secure MAC address, use the clear port-security dynamic address mac-addr privileged EXEC command.
Regards.
06-06-2013 12:23 PM
The problem is I cant delete sticky learning. The switch doesn't recognize the command no switchport port-security mac-address sticky. If I put in a ? instead of sticky at the end, the only option is shows is dynamic.
06-06-2013 10:36 PM
Hi Brian,
what does the interface-config look like?
I assume there is a line like
switchport port-security mac-address sticky xxxx.xxxx.xxxx
where "xxxx.xxxx.xxxx" is the MAC-address of the device you want to remove.
Delete this line with the "no" form of the entire command, this should work.
Hope that helps
Rolf
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide