Shutdown port(group) in same vlan

Jan Rolny
Level 3

Hi all,

I have a question regarding a port shutdown function which is not connected with port-security. Let's say I have 3 FastEthernet ports in the same VLAN. Is it possible that, in case one of these ports goes down (because the NIC on the other side goes down), the switch will shut down the other two FastEthernet ports which are in the same VLAN?

Thank you very much for answers.

Jan.

Accepted Solutions

Antonio Knox
Level 7

Are you familiar with Enhanced Event Manager (EEM)? If so, you could use it to monitor the logs to track when one of the ports has been shut down due to a port security violation, and have the switch/router shut down the other two associated ports in response. Here's an example, if you are familiar with the process:

Let's say you have 3 ports, Gi0/0 - 2 (you can adjust this script to fit your requirement whether the ports are in the same VLAN or not). Set up an EEM applet for each port which will shut down the other two if it is shut down by port security:

!--- Rule for Gi0/0 PortSec violation ---
Switch(config)# event manager applet PortSecGI0-0
!--- See the log pattern ---
Switch(config-applet)# event syslog pattern "%SECURITY-1-PORTSHUTDOWN:Port 0/0 shutdown due to security violation"
!--- React to the log pattern ---
Switch(config-applet)# action 1.0 cli command "enable"
Switch(config-applet)# action 1.1 cli command "config t"
Switch(config-applet)# action 1.2 cli command "int Gig0/1"
Switch(config-applet)# action 1.3 cli command "shutdown"
Switch(config-applet)# action 1.4 cli command "int Gig0/2"
Switch(config-applet)# action 1.5 cli command "shutdown"

!--- Rule for Gi0/1 PortSec violation ---
Switch(config)# event manager applet PortSecGI0-1
Switch(config-applet)# event syslog pattern "%SECURITY-1-PORTSHUTDOWN:Port 0/1 shutdown due to security violation"
Switch(config-applet)# action 1.0 cli command "enable"
Switch(config-applet)# action 1.1 cli command "config t"
Switch(config-applet)# action 1.2 cli command "int Gig0/0"
Switch(config-applet)# action 1.3 cli command "shutdown"
Switch(config-applet)# action 1.4 cli command "int Gig0/2"
Switch(config-applet)# action 1.5 cli command "shutdown"

!--- Rule for Gi0/2 PortSec violation ---
Switch(config)# event manager applet PortSecGI0-2
Switch(config-applet)# event syslog pattern "%SECURITY-1-PORTSHUTDOWN:Port 0/2 shutdown due to security violation"
Switch(config-applet)# action 1.0 cli command "enable"
Switch(config-applet)# action 1.1 cli command "config t"
Switch(config-applet)# action 1.2 cli command "int Gig0/0"
Switch(config-applet)# action 1.3 cli command "shutdown"
Switch(config-applet)# action 1.4 cli command "int Gig0/1"
Switch(config-applet)# action 1.5 cli command "shutdown"

Hope this makes sense.

Please rate helpful posts.
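
The same applet structure keyed on a link-down event instead of a port-security shutdown, which is the case the original question asks about. This is an added example, not part of the original post; the applet names, the Gi0/0 - 2 port group and the exact `%LINK-3-UPDOWN` message text are assumptions, so confirm the message your platform actually logs with `show logging` before relying on the pattern.

```cisco
! Added example (assumed names and ports). The syslog pattern is a regular
! expression matched against each log line. "changed state to down" does not
! match the "%LINK-5-CHANGED ... changed state to administratively down"
! message produced by the shutdown commands below, so the three applets do
! not trigger one another.

! --- Gi0/0 loses link: shut Gi0/1 and Gi0/2 ---
event manager applet LinkDownGI0-0
 event syslog pattern "%LINK-3-UPDOWN: Interface GigabitEthernet0/0, changed state to down"
 action 1.0 cli command "enable"
 action 1.1 cli command "configure terminal"
 action 1.2 cli command "interface GigabitEthernet0/1"
 action 1.3 cli command "shutdown"
 action 1.4 cli command "interface GigabitEthernet0/2"
 action 1.5 cli command "shutdown"
 action 1.6 cli command "end"
 action 2.0 syslog msg "EEM: Gi0/0 link down, shut Gi0/1 and Gi0/2"

! --- Gi0/1 loses link: shut Gi0/0 and Gi0/2 ---
event manager applet LinkDownGI0-1
 event syslog pattern "%LINK-3-UPDOWN: Interface GigabitEthernet0/1, changed state to down"
 action 1.0 cli command "enable"
 action 1.1 cli command "configure terminal"
 action 1.2 cli command "interface GigabitEthernet0/0"
 action 1.3 cli command "shutdown"
 action 1.4 cli command "interface GigabitEthernet0/2"
 action 1.5 cli command "shutdown"
 action 1.6 cli command "end"
 action 2.0 syslog msg "EEM: Gi0/1 link down, shut Gi0/0 and Gi0/2"

! --- Gi0/2 loses link: shut Gi0/0 and Gi0/1 ---
event manager applet LinkDownGI0-2
 event syslog pattern "%LINK-3-UPDOWN: Interface GigabitEthernet0/2, changed state to down"
 action 1.0 cli command "enable"
 action 1.1 cli command "configure terminal"
 action 1.2 cli command "interface GigabitEthernet0/0"
 action 1.3 cli command "shutdown"
 action 1.4 cli command "interface GigabitEthernet0/1"
 action 1.5 cli command "shutdown"
 action 1.6 cli command "end"
 action 2.0 syslog msg "EEM: Gi0/2 link down, shut Gi0/0 and Gi0/1"
```

Ports shut down this way stay administratively down until someone issues `no shutdown` on them, and the `action 2.0` log line records which applet fired.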



Jan Rolny
Level 3

Hi Antonio,

thanks for the answer, that's exactly what I am looking for :-)

Regards,

Jan.
