cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
920
Views
0
Helpful
4
Replies
anarodriguez
Beginner

Prevent dropping of packets in a port-security / 802.1x environment

Hi everbody!

I have a dedicated laptop I use to display some features, when I change the wired connection from a switch to another switch, it drops the packets even though I do authenticate correctly, I have 802.1x configured in the access switches and port-security in the aggregation/core switch, I have configured port-security protect mode, otherwise the aggregation/core switch could just shutdown the port.

Thanks in advance!

Ana Linda.

4 REPLIES 4

Hi

I don't understand what is you issue exactly

But it is some problem in your configuration

You have not use port security in you core and distribute layer

Let me know about your L3 or L2 packet switching. Maybe your packet drop issue is because of these.

Sent from Cisco Technical Support iPad App

smehrnia
Rising star

Hi Ana,

when you configure a port's violation mode in Protected mode, instead of shutting the port down, it drops packets with unknown source addresses until you remove a sufficient number of secure MAC addresses to drop below the maximum value.

maybe thats why...

plz Rate if it helped.

Soroush,

Hope it Helps!

Soroush.

I want to use the same laptop (and the same mac address if possible) when trying to display some ISE features in different switches, having both 802.1x and port-security enabled.

I want to know if it's possible, and how to make it possible.

So, I did know it's because the protect mode, but I want to prevent the dropping to happen even with port-security enabled.

amikat
Rising star

Hi,

Can you please post the port configuration of your aggregation/core switch. My view is you are using trunks in between the core/aggregation and access switches and obviously you wish to stay within the same Vlan with your laptop. I understand that you are using port-security at the core/aggregation switch ONLY in addition to 802.1X authentication with the access switches.

Thanks & Regards,

Antonin