Port Security Violation CBS250-8PP-D

bastionrumble · ‎07-12-2023

Hi all,

I have just installed a CBS250-8PP-D and have enabled port security. In ACE I have created a rule such that if any traffic originating from UNKNOWN mac address, the port will shutdown.

However, the port have shutdown even though no other device has been connected. I am trying to get the logs to see what mac address is causing the violation but all I get is ACL DENY.

Is there a way to get the full log containing the event and the mac address that caused the port violation?

Thank you

Edit:

I have enabled ssh to allow me to enter the cli, and have tried the following commands:

show log

however it does not show me the mac address that caused the violation (only ACL DENY)

pieterh · ‎07-13-2023

inspect the ACL
does it have an explicit deny statement at the end ? (if not it has an implicit deny statement at the end)
if not explicit -> add it and enable logging

DanielP211 · ‎07-13-2023

I guess the ACL DENY log is unrelated to your issue. Try reseting the port, and paste the configuration you added on the port. Did you add sticky mac-address?

****Kindly rate all useful posts*****

bastionrumble · ‎07-16-2023

Hi all,

@DanielP211 my device does not have this "sticky" mac-address option in the settings, under which category do you find it?

@pieterh I was using shutdown previously, have changed it to deny and enabled logging. For my case, I do not see the mac address, instead I see the IPV6 address of a PC.

This should not be blocked as the mac address from the PC is already whitelisted, is there anyway to see the mac address that it caught? The sticky function is not available in the webUI.