Solved: Port status is Secure-down but connected

Raven1314 · ‎11-15-2022

Hi,
The Cisco Switch port is secured-down with 1 violation count but the port security is disabled, however the port is still active and connected with green light. I have tried replug in the ethernet cable, shut & no shut and turned the port security on and off.

I'm trying to get the port secure-up again.
Let me know if any more information is needed and any advice would be grateful, Thanks.

#show port-security interface gigabitEthernet 0/4
Port Security : Disabled
Port Status : Secure-down
Violation Mode : Shutdown
Aging Time : 0 mins
Aging Type : Absolute
SecureStatic Address Aging : Disabled
Maximum MAC Addresses : 1
Total MAC Addresses : 0
Configured MAC Addresses : 0
Sticky MAC Addresses : 0
Last Source Address:Vlan : xxxxxx
Security Violation Count : 1

#show int gi0/4 status
Port Name Status Vlan Duplex Speed Type
Gi0/4 connected xx a-full a-1000 10/100/1000Ba

David Ruess · ‎11-15-2022

Hello,

Secure-down means port security is not enabled on the port. If you want to see Secure-Up you will need to enter the "switchport portsecurity" command on the interface.

Can you also "show int <int> switchport"

-David

View solution in original post

MHM Cisco World · ‎11-15-2022

See comment below

Raven1314 · ‎11-15-2022

Hi
For "show port-security address" I do not see one for that port
I did show a "show mac address-table int gi0/4", the mac address is the same as Last Source Address:Vlan mac address

MHM Cisco World · ‎11-15-2022

See comment below

Raven1314 · ‎11-15-2022

Hi
I did found another port with the same Mac address, so i cleared that and did a shut down and no shut down on Gi/04, it didn't make a difference. I will try unplug the ethernet and clear the address on that port as well

MHM Cisco World · ‎11-15-2022

See comment below

Raven1314 · ‎11-15-2022

Edit:
I did the port-security dynamic interface Gi0/4 after shut down then no shut and on show Mac address-table it doesn't show that port any more. Last Source Address:Vlan still have a mac address, i do need to unplug the cable and then do it?

MHM Cisco World · ‎11-15-2022

Can you share port-secuirty mac table for that mac.

Raven1314 · ‎11-15-2022

As in share show mac address-table content?

MHM Cisco World · ‎11-15-2022

Show port-secuirty address

That what i want to see

David Ruess · ‎11-15-2022

Hello,

Secure-down means port security is not enabled on the port. If you want to see Secure-Up you will need to enter the "switchport portsecurity" command on the interface.

Can you also "show int <int> switchport"

-David

Raven1314 · ‎11-15-2022

Oh Secure-down means there is not security?!
I've been understand it wrong all this entire time.....
Thank you. Now i know the problem isn't the switch, thank you...

siphongcobo84@gmail.com · ‎07-23-2023

Hi Team

Please assist I have the same problem port fa0/2 is disable did enable it with switchport port-security

werytun127444d#conf t

werytun127444d#conf terminal

Enter configuration commands, one per line. End with CNTL/Z.

werytun127444d(config)#int

werytun127444d(config)#interface fa0/2

werytun127444d(config-if)#sw

werytun127444d(config-if)#switchport mo

werytun127444d(config-if)#switchport mode acc

werytun127444d(config-if)#switchport mode access

werytun127444d(config-if)#sw

werytun127444d(config-if)#switchport po

werytun127444d(config-if)#switchport port-security ma

werytun127444d(config-if)#switchport port-security mac

werytun127444d(config-if)#switchport port-security mac-address st

werytun127444d(config-if)#switchport port-security mac-address sticky

werytun127444d(config-if)#sw

werytun127444d(config-if)#switchport po

werytun127444d(config-if)#switchport port-security max

werytun127444d(config-if)#switchport port-security maximum 1

werytun127444d(config-if)#sw

werytun127444d(config-if)#switchport po

werytun127444d(config-if)#switchport port-security vi

werytun127444d(config-if)#switchport port-security violation no sh

werytun127444d(config-if)#switchport port-security violation unshu

werytun127444d(config-if)#switchport port-security violation no shutdown

siphongcobo84@gmail.com · ‎07-23-2023

The Stutas of the port is shows that it down, I want secure- up how can I configure this port

werytun127444d#show por

werytun127444d#show port-security int

werytun127444d#show port-security interface fa0/2

Port Security : Enabled

Port Status : Secure-down

Violation Mode : Shutdown

Aging Time : 0 mins

Aging Type : Absolute

SecureStatic Address Aging : Disabled

Maximum MAC Addresses : 1

Total MAC Addresses : 0

Configured MAC Addresses : 0

Sticky MAC Addresses : 0

Last Source Address:Vlan : 0000.0000.0000:0

Security Violation Count : 0

MHM Cisco World · ‎11-15-2022

If the port secuirty is disabled why violate count is increasing!!!!!!

Good luck