Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1386
Views
70
Helpful
9
Replies

Switch "Port Security" disabled but still high violation count

CSchmidt1
Level 1
Level 1

‎02-24-2022 06:16 AM

Hello,

I have a problem which the violation count of one of my interfaces.

The port-security of the interface is disabled, but i have a violation count of 54.

I thought, that it isnt possible for the violation count to rise, if the port-security is disabled.

Does anyone know, how this is possible? 

Here is Screenshot of the return of a "show port-security interface xx" on the named interface 

Labels:
9 Replies 9

CSchmidt1
Level 1
Level 1

‎02-24-2022 06:17 AM

 
Preview file
14 KB

MHM Cisco World
VIP
VIP

‎02-24-2022 06:18 AM

no attachment 

CSchmidt1
Level 1
Level 1
In response to MHM Cisco World

‎02-24-2022 06:18 AM

seems that something went wrong there. I put the attachement in my own reply

balaji.bandi
Hall of Fame
Hall of Fame

‎02-24-2022 06:28 AM

what is this device? can you post show run interface x/x

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

CSchmidt1
Level 1
Level 1
In response to balaji.bandi

‎02-24-2022 06:47 AM

It's a WS-C3850-48T in a Stack-System.

 

This is the output of sh run interface x/x

Preview file
5 KB

balaji.bandi
Hall of Fame
Hall of Fame
In response to CSchmidt1

‎02-24-2022 06:58 AM

we do not see any security config on the port, suggest to post show run (full config removing confidential information)

 

suggest to clear :

 

#clear port-security ?
all All secure MAC addresses
configured Configured secure MAC address
dynamic Secure MAC address auto-learned by hardware
sticky Secure MAC address either auto-learned or configured

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

marce1000
Hall of Fame
Hall of Fame

‎02-24-2022 07:05 AM

 

 - Does the port get disabled (or not) , check logs ,or use syslog-server (preferred) for monitor of switch logs.

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

MHM Cisco World
VIP
VIP

‎02-24-2022 07:32 AM

Hi Friend the info. you share is enough for me, 
the Port go to Secure-down then you disable port-security. 
to return the port to normal secure-up you need to shut/no shut the port then check 
port-security check secure-up then after that even if the mac address change or anything elsa happen don't not effect the port any more. 
also check the violation count it must be reset when shut/no shut.

paul driver
VIP
VIP

‎02-24-2022 10:11 AM

Hello

Ty clearing or defaulting the interface and test again:

clear port-security xxxx

conf t
default interface x/x


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
Customers Also Viewed These Support Documents