Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1028
Views
0
Helpful
17
Replies

switchport port-security aging static

Jessica-Brown-2000
Level 1
Level 1

‎01-13-2025 10:37 AM

Good afternoon.
Can you tell me how to set up switchport port-security aging static?
I can't figure out where to apply it.

In particular, two configurations are shown below:
vios_l2_Switch_2#show running-config interface gigabitEthernet 0/1
Building configuration...

Current configuration : 202 bytes
!
interface GigabitEthernet0/1
switchport access vlan 111
switchport mode access
switchport port-security mac-address 0050.7966.6804
switchport port-security
media-type rj45
negotiation auto
end

vios_l2_Switch_2#
vios_l2_Switch_2#show port-security interface gi0/1
Port Security : Enabled
Port Status : Secure-up
Violation Mode : Shutdown
Aging Time : 0 mins
Aging Type : Absolute
SecureStatic Address Aging : Disabled
Maximum MAC Addresses : 1
Total MAC Addresses : 1
Configured MAC Addresses : 1
Sticky MAC Addresses : 0
Last Source Address:Vlan : 0000.0000.0000:0
Security Violation Count : 0

vios_l2_Switch_2#


vios_l2_Switch_2#show running-config interface gigabitEthernet 0/1
Building configuration...

Current configuration : 241 bytes
!
interface GigabitEthernet0/1
switchport access vlan 111
switchport mode access
switchport port-security mac-address 0050.7966.6804
switchport port-security aging static
switchport port-security
media-type rj45
negotiation auto
end

vios_l2_Switch_2#show port-security interface gi0/1
Port Security : Enabled
Port Status : Secure-up
Violation Mode : Shutdown
Aging Time : 0 mins
Aging Type : Absolute
SecureStatic Address Aging : Enabled
Maximum MAC Addresses : 1
Total MAC Addresses : 1
Configured MAC Addresses : 1
Sticky MAC Addresses : 0
Last Source Address:Vlan : 0000.0000.0000:0
Security Violation Count : 0

vios_l2_Switch_2#

As you can see, the difference between the conclusions is:

1. The SecureStatic Address Aging : Disabled in the output
2. The presence of the string switchport port-security aging static + presence in the SecureStatic Address Aging : Enabled output

It turns out that they are essentially the same, because addresses do not age.
P.S. I'm testing in EVE-NG, on the image of vios_l2 Software (vios_l2-ADVENTERPISEK9-M), Version 15.2(4.0.55)E, TEST ENGINEERING ESTG_WEEKLY BUILD.
There was a glitch with switchport port-security aging type absolute. Maybe there's something wrong here too?

Labels:
0 Helpful
17 Replies 17

Jessica-Brown-2000
Level 1
Level 1
In response to MHM Cisco World

‎01-15-2025 09:50 AM

If I set up:
switchport port-security aging time 5

what will setting up the command give me?
switchport port-security aging static
?

It turns out to be a paradox - I configure the mac address to be outdated in 5 minutes. And then I tell the switch that the mac address does not get old))))

0 Helpful

Jessica-Brown-2000
Level 1
Level 1

‎01-15-2025 10:25 AM

Sometimes it seems to me that port-security does not work correctly in EVE-NG.
I don't have a real cisco nearby yet, so I'll pause testing this feature for now.
Thank you all very much!

0 Helpful

MHM Cisco World
VIP
VIP
In response to Jessica-Brown-2000

‎01-15-2025 11:07 AM

I will send you PM check it

MHM

0 Helpful
Customers Also Viewed These Support Documents