12-18-2009 08:35 AM - edited 03-06-2019 09:00 AM
Hi,
Could anyone please tell me the reason for the psecure violation?
I'm using a 2924 model switch with ver 12.0(s)wc17. How can I configure errdisable recovery commands on this switch?
On this switch the errdisable recovery option is available only for "udld" but not for "psecure violation". How can I rectify this psecure violation problem
on a Cisco 2900 series switch?
regards,
rammi
12-20-2009 04:54 AM
Hi Rammi,
You can configure the errdisable command. Check out the link below; I hope this will resolve your query!
Regards
Ganesh.H
12-20-2009 09:47 AM
Hi Ganesh,
Thank you for the info. I have the commands to configure errdisable recovery, but my problem is that the switch
I'm using (Cisco 2924) doesn't support the errdisable recovery command for "psecure violation" and "security reject". Could you please tell
me how I can solve this problem?
12-20-2009 09:26 PM
You need to upgrade your software to Release 12.0(5)WC5.
You can use this tool (http://tools.cisco.com/Support/CLILookup/cltSearchAction.do) to find solutions for similar problems.
12-20-2009 11:07 PM
Hi,
Upgrade the IOS to Cisco IOS Release 12.0(5)WC5 and then check!
Also check out the link below to the Release Notes for the Catalyst 2900 XL and Catalyst 3500 XL Switches, Cisco IOS Release 12.0(5)WC17:
http://www.cisco.com/en/US/docs/switches/lan/catalyst2900xl_3500xl/release12.0_5_wc17/ol256213.pdf
Hope that helps with your query!
Regards
Ganesh.H
01-09-2010 10:16 PM
I have IOS version 12.0(5)WC17 installed on a 2900 series switch. Would this version support configuring the "PSECURE" commands?
regards,
rammi
01-10-2010 11:06 PM
Yes, it should work!
Regards
Ganesh.H
01-11-2010 08:41 AM
No yaar, I am still unable to configure the psecure violation commands, as there is no such option available. I can only configure such commands for the UDLD cause. Moreover, when the PSECURE VIOLATION occurred, I went through the syslog messages and was surprised to see that the MAC address which violated the port matches the MAC address of the PC connected to that port. It means that the MAC address allowed on that port is itself causing the violation. Why is this happening? How could the same MAC cause a violation?
I have configured port security in the following way:
switchport port security
switchport port security max 1
switchport port security violation shutdown
According to the above commands, "max 1" in the second command binds one MAC address to the port, and the third command puts the port into "shut"
if it encounters a different MAC address, but in my case the allowed MAC itself is causing the violation. Please help me.
regards,
rammi
01-11-2010 01:51 PM
It means that there can only be ONE MAC address this port will ever listen to or learn. And if there is bound to be more than one MAC address, the port will be shut down or put into error-disable.
01-11-2010 11:30 PM
Hi,
Just bind the MAC address to the interface and then check what happens.
Configure switchport port-security mac-address {MAC address} and see the result.
HTH
Regards
Ganesh.H
01-15-2010 01:05 AM
OK, I will try that command. One more doubt: does a Vista PC break port security? I mean, if a Vista PC is connected to a secured port, will that secured port allow that MAC or put the port into admin down? I'm asking this because one of my friends connected a Vista PC to a secured port without my knowledge and he is now able to access the LAN on the secured port. How could that happen?
regards,
rammi
01-15-2010 01:18 AM
It should not happen, as all switchport security works on a MAC basis, so whatever the source end is, you need to check the switchport security on the switch end to see why that PC got access after connecting to the switch.
HTH
Regards
Ganesh.H
01-17-2010 02:01 AM
Hi,
By default, if any port security violation happens, the port automatically goes into the shutdown state.
Here are some examples for configuring port security:
Switch(config)# interface FastEthernet1/0/1
Switch(config-if)# switchport access vlan 21
Switch(config-if)# switchport mode access
Switch(config-if)# switchport voice vlan 22
Switch(config-if)# switchport port-security
Switch(config-if)# switchport port-security maximum 20
Switch(config-if)# switchport port-security violation restrict
Switch(config-if)# switchport port-security mac-address sticky
Switch(config-if)# switchport port-security mac-address sticky 0000.0000.0002
Switch(config-if)# switchport port-security mac-address 0000.0000.0003
Switch(config-if)# switchport port-security mac-address sticky 0000.0000.0001 vlan voice
Switch(config-if)# switchport port-security mac-address 0000.0000.0004 vlan voice
Switch(config-if)# switchport port-security maximum 10 vlan access
Switch(config-if)# switchport port-security maximum 10 vlan voice
regards
krishna kumar
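A small audit of the settings used in the configuration above, as an added example that is not part of the original thread: it parses interface blocks written in the `switchport port-security` syntax of that post, fills in the defaults (maximum 1, violation shutdown), and reports interfaces that carry port-security options without the bare enabling command, which leaves the port unprotected. The sample configuration and the function names are constructed for illustration.

```python
import re

# Constructed sample config (not from a real switch), in the post's syntax.
SAMPLE = """\
interface FastEthernet1/0/1
 switchport port-security
 switchport port-security maximum 20
 switchport port-security violation restrict
 switchport port-security mac-address sticky
!
interface FastEthernet1/0/2
 switchport port-security
 switchport port-security mac-address 0000.0000.0003
!
interface FastEthernet1/0/3
 switchport port-security maximum 1
 switchport port-security violation shutdown
!
"""

def parse_port_security(config):
    """Map each interface to its effective port-security settings."""
    ports, cur = {}, None
    for raw in config.splitlines():
        m = re.match(r"interface (\S+)", raw)
        if m:
            # Defaults when a line is absent: maximum 1, violation shutdown.
            cur = ports[m.group(1)] = {"enabled": False, "options": 0, "maximum": 1,
                                       "violation": "shutdown", "bound": False}
        elif not raw.startswith(" "):
            cur = None  # "!" or a global command ends the interface block
        elif cur is not None and raw.split()[:2] == ["switchport", "port-security"]:
            args = raw.split()[2:]
            if not args:
                cur["enabled"] = True  # only the bare command turns the feature on
                continue
            cur["options"] += 1
            if args[0] == "maximum" and len(args) == 2:
                cur["maximum"] = int(args[1])  # per-VLAN maximums are not modelled
            elif args[0] == "violation" and len(args) == 2:
                cur["violation"] = args[1]
            elif args[0] == "mac-address":
                cur["bound"] = True  # static or sticky address binding
    return ports

def unprotected(ports):
    """Interfaces that carry port-security options but lack the enabling command."""
    return sorted(n for n, p in ports.items() if p["options"] and not p["enabled"])

if __name__ == "__main__":
    print("not enforced:", unprotected(parse_port_security(SAMPLE)))
```
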
01-21-2010 07:56 AM
Hi all,
I would like to write the CCNA exam. Could anyone please guide me on how to prepare for it? I need
the latest CCNA-640-802 dumps, previous question papers and free simulators. Please, please, please help me, yaar.
regards,
rammi
01-22-2010 02:01 AM
Hi Rammi,
It will be helpful if, once your problem has been resolved, you mark this thread as resolved and rate the valuable posts, and ask these types of questions in the certification forum.
Regards
Ganesh.H