Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
22496
Views
15
Helpful
1
Replies

switchport port-security maximum

Go to solution
Rafael Jimenez
Level 4
Level 4

‎02-10-2015 09:22 AM - edited ‎03-07-2019 10:35 PM

I have a 4510R switch, ((cat4500e-UNIVERSALK9-M), Version 03.05.02.E RELEASE SOFTWARE (fc1)).

I´m configuring the port-security maximum using the following commands:

switchport port-security maximum 1 vlan access
switchport port-security maximum 1 vlan voice

 

I dont know why some times this work, some times do not work.

to solve the issue I had to use the three commands:

switchport port-security maximum 2

switchport port-security maximum 1 vlan access
switchport port-security maximum 1 vlan voice

the documentation do not say nothing about if I have to use the three commands together.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
amikat
Spotlight
Spotlight

‎02-11-2015 04:06 AM

Hi,

This is an excerpt from the Configuration Guide for your box and IOS-XE release:

Each VLAN can be configured with a maximum count that is greater than the value configured on the port. Also, the sum of the maximum configured values for all the VLANs can exceed the maximum configured for the port. In either of these situations, the number of MAC addresses secured on each VLAN is limited to the lesser of the VLAN configuration maximum and the port configuration maximum. Also, the number of addresses secured on the port across all VLANs cannot exceed a maximum that is configured on the port.

The default "switchport port-security maximum" value for the port is "1". So unless you change this value to "2" your port can sense max. 1 MAC address in either vlan "access" or "voice" ONLY without triggering violation. This means that the total maximum number of MAC addresses allowed  per all configured vlans per port equals ONE at the default only.

I hope my English makes sense.

Best regards,

Antonin

 

View solution in original post

1 Reply 1

Go to solution
amikat
Spotlight
Spotlight

‎02-11-2015 04:06 AM

Hi,

This is an excerpt from the Configuration Guide for your box and IOS-XE release:

Each VLAN can be configured with a maximum count that is greater than the value configured on the port. Also, the sum of the maximum configured values for all the VLANs can exceed the maximum configured for the port. In either of these situations, the number of MAC addresses secured on each VLAN is limited to the lesser of the VLAN configuration maximum and the port configuration maximum. Also, the number of addresses secured on the port across all VLANs cannot exceed a maximum that is configured on the port.

The default "switchport port-security maximum" value for the port is "1". So unless you change this value to "2" your port can sense max. 1 MAC address in either vlan "access" or "voice" ONLY without triggering violation. This means that the total maximum number of MAC addresses allowed  per all configured vlans per port equals ONE at the default only.

I hope my English makes sense.

Best regards,

Antonin

 

Customers Also Viewed These Support Documents