Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
967
Views
4
Helpful
16
Replies

security breach message on switch

Go to solution
AnaGRojas
Level 1
Level 1

‎03-12-2024 05:32 AM - edited ‎03-12-2024 12:23 PM

Hello, good morning, several months ago, I got this message 

%PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 0001.0100.00c1 on port GigabitEthernet2/0/11.
%PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 4241.0454.94e2 on port GigabitEthernet2/0/11.
%PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address f661.b8c2.f69e on port GigabitEthernet2/0/11.
%PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 0000.0000.0001 on port GigabitEthernet2/0/11.
%PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 0001.0100.0000 on port GigabitEthernet2/0/11.
 %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 0000.0000.06c3 on port GigabitEthernet2/0/11.

The message comes from different Macs that are not related to the ones saved on the stick.

this is the secure port configuration:

switchport access vlan 7
switchport mode access
switchport voice vlan 17
switchport port-security maximum 2
switchport port-security maximum 1 vlan access
switchport port-security maximum 1 vlan voice
switchport port-security violation restrict
switchport port-security mac-address sticky
switchport port-security mac-address sticky xxxx.xxxx.xxxx
switchport port-security mac-address sticky xxxx.xxxx.xxxx vlan voice
switchport port-security
spanning-tree portfast
spanning-tree bpduguard enable

These are the port security parameters:

Port Security : Enabled
Port Status : Secure-up
Violation Mode : Restrict
Aging Time : 0 mins
Aging Type : Absolute
SecureStatic Address Aging : Disabled
Maximum MAC Addresses : 2
Total MAC Addresses : 2
Configured MAC Addresses : 0
Sticky MAC Addresses : 2
Last Source Address:Vlan : xxxx.xxxx.xxxx:17
Security Violation Count : 1799

and the count of security violations increases every minute, I don't understand why it increases in some ports and not in others.

I greatly appreciate your help and willingness.

0 Helpful
16 Replies 16

Go to solution
Leo Laohoo
Hall of Fame
Hall of Fame
In response to AnaGRojas

‎03-13-2024 02:54 PM

DELL docking station will present it's own MAC address.  

This means if a laptop is connected to a docking station, the docking station will send TWO (2) MAC addresses up to the switch:  One MAC address from the laptop and one MAC address of the docking station.

0 Helpful

Go to solution
EnocWave
Level 1
Level 1

‎03-13-2024 06:32 PM

I am new to this  world o networks.. the command line that you types.., Is it for the security of the device..?

 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card