02-11-2015 09:24 AM - edited 03-07-2019 10:36 PM
Greetings,
We are currently running a Cisco WS-C4510R Switch and recently decided to apply port-security to all the user ports in our infrastructure. Two mornings in a row, a user's computer port was disabled. It showed a violation in the show port-security [interface] command, but the MAC address was correct.
I finally disabled port-security for that port after 173 violations and I can't find an answer anywhere. I'd like to add that I haven't had any problems with any of the other 78 ports with port-security enabled.
I could use some help. Thanks very much in advance.
core1#sh run int gigabitEthernet 4/30
Building configuration...
Current configuration : 242 bytes
!
interface GigabitEthernet5/32
switchport access vlan 2
switchport mode access
switchport port-security
switchport port-security mac-address sticky
switchport port-security mac-address sticky 7446.a0bb.383c
spanning-tree portfast
end
core1#sh ver
Cisco IOS Software, Catalyst 4500 L3 Switch Software (cat4500-ENTSERVICESK9-M), Version 15.0(2)SG7, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2013 by Cisco Systems, Inc.
Compiled Wed 01-May-13 18:06 by prod_rel_team
Image text-base: 0x10000000, data-base: 0x123AB54C
ROM: 12.2(20r)EW1
Dagobah Revision 226, Swamp Revision 34
core1 uptime is 1 year, 28 weeks, 5 days, 14 hours, 11 minutes
Uptime for this control processor is 1 year, 28 weeks, 5 days, 13 hours, 50 minutes
System returned to ROM by power-on
System image file is "bootflash:cat4500-entservicesk9-mz.150-2.SG7.bin"
02-12-2015 10:15 AM
Is this PC hanging off any other device, like a VoIP phone?
02-13-2015 07:56 AM
Thanks for the reply.
No, the phones are cabled independently of the PCs.
02-13-2015 08:19 AM
So, if you have nothing else hanging off that port, and you already switched out the PC to determine that it isn't the issue, then the source of your trouble is likely to be the port on the switch. If you have a spare port, try moving the equipment off of gig 4/30 and swapping it to a different port.
If that fixes your issue, then you have a port that's doing something screwy with MAC addresses, possibly a hardware issue.
02-13-2015 11:10 AM
I swapped it to a different port and am getting the same results. I also changed her Ethernet cable, and still no change.
02-13-2015 11:22 AM
Well, that is odd. Have you tried changing the maximum amount of allowed MAC addresses to a higher number? I think the command is something along the lines of switchport port-security maximum.
02-13-2015 12:14 PM
Yes...it's very odd, isn't it?
I haven't changed the maximum to a higher number as of yet, but I shouldn't have to. All of the other ports are fine as they are with a maximum of 1. If I increase that maximum to 2, it basically defeats the purpose of applying the port-security to protect against users plugging in another device.
Is it possible the problem does not lie within the switch, but rather the RJ-45 jack at the cubicle, the cabling between that jack and the patch panel, or the patch cable from the panel to the switch port, itself? There have been no other problems in regards to this connection. Only with port-security. It doesn't make sense that a bad cable/jack would cause this.
02-13-2015 12:24 PM
You've eliminated everything but your patching. I'm not sure why a messed up patch would change MAC data, but anything is possible when your physical layer is screwed up.
Just for troubleshooting's sake, setting a higher allowed MAC limit would show you if anything else is showing up, but if you set the MAC limit to, say, four, and it still goes into error disabled, then you may want to spend some time looking into your patching, or bust out a cable tester if you have one.
02-13-2015 12:44 PM
That's good thinking.
I'll increase the maximum on Monday and let you know the results.
In the meantime, I have to leave port-security disabled for this user.
Thanks.
02-13-2015 12:25 PM
Is it possible the problem does not lie within the switch, but rather the RJ-45 jack at the cubicle, the cabling between that jack and the patch panel, or the patch cable from the panel to the switch port, itself?
I think you have already ruled all the above by changing the cable, trying a different switch port etc.
Perhaps the switch just doesn't like her :-)
When you tried a different port, did you remove the sticky entry with the MAC address from the original port configuration?
Also, when you get the violation, what does the MAC address table on the switch show?
Jon
02-13-2015 12:42 PM
That's the craziest part of all. When there's a violation, it shows the same MAC address that was applied via sticky.
I negated all of the switchport commands and then reapplied them before/after shutdown/no shutdown the interface.
core1(config-if)#shut
core1(config-if)#no shut
core1(config-if)#no switchport port-security maximum 1
core1(config-if)#no switchport port-security mac-address sticky
core1(config-if)#no switchport port-security
core1(config-if)#switchport port-security maximum 1
core1(config-if)#switchport port-security mac-address sticky
core1(config-if)#switchport port-security
Maybe you're right, it just doesn't like her ;)
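The two suggestions above (temporarily raise the allowed MAC count to see whether a second address is appearing, and inspect the MAC address table when the violation fires) can be combined into one diagnostic configuration. The following IOS configuration is an added example written for this thread, not something posted by any of the participants; the interface name, VLAN and the value 4 are placeholders chosen for illustration, and the `restrict` violation mode is used so the port keeps forwarding for the known MAC and only counts and logs offending frames instead of going err-disabled while data is being gathered.

```cisco
! Added diagnostic configuration for a port that keeps tripping port-security.
! Interface, VLAN and the maximum of 4 are placeholder values for this example.
!
! Step 1: keep port-security on, but change the violation action to 'restrict'
! so offending frames are dropped, counted and logged instead of shutting the
! port. Raise the maximum temporarily so any additional address gets recorded
! as a sticky entry rather than immediately counted as a violation.
interface GigabitEthernet4/30
 switchport mode access
 switchport access vlan 2
 switchport port-security
 switchport port-security maximum 4
 switchport port-security violation restrict
 switchport port-security mac-address sticky
 spanning-tree portfast
!
! Step 2 (optional): let ports that do go err-disabled recover automatically
! during the test window, so each event does not need a manual shut/no shut.
errdisable recovery cause psecure-violation
errdisable recovery interval 300
!
! Step 3: before moving the user to another port, drop the old sticky entry so
! the same MAC is not still bound to the original interface.
!   clear port-security sticky interface GigabitEthernet4/30
!
! Step 4: what to look at after the next violation:
!   show port-security interface GigabitEthernet4/30
!       -> Maximum MAC Addresses, Total MAC Addresses, Last Source Address:Vlan,
!          Security Violation Count
!   show port-security address
!       -> every secure (static or sticky) MAC the switch currently holds
!   show mac address-table interface GigabitEthernet4/30
!       -> what the forwarding table has actually learned on the port
!   show logging | include PSECURE
!       -> %PORT_SECURITY-2-PSECURE_VIOLATION names the MAC that tripped the port
!   show interfaces status err-disabled
!       -> confirms whether the port is still being shut down at all
```

Once the cause is found, the maximum should be put back to 1 and the violation mode returned to the site standard; a permanently raised maximum is exactly the weakening the original poster wanted to avoid. If the violation count keeps rising in `restrict` mode while `show port-security address` only ever lists the one known MAC, the "Last Source Address" field and the PSECURE log lines are the places that will show whether a different address (or the same address on a different VLAN) is arriving on the port.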
08-15-2018 10:17 AM
Did you ever find an answer to this issue?
I'm running into the same thing at one of my branches.
First it was with a ShoreTel phone on port 9, but then it also started happening to a phone that moved to port 4. Rebooting the switch after hours made port 9 behave, but I still have no idea on port 4.
On mine, however, the MAC never registers for sticky. I get 1 (or 2, or any number I set) allowed MACs, 0 found MACs, and umpteen violations. When I set the MAC statically, I get the MAC that triggers the violation as the same MAC that is allowed.