- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-10-2015 09:22 AM - edited 03-07-2019 10:35 PM
I have a 4510R switch, ((cat4500e-UNIVERSALK9-M), Version 03.05.02.E RELEASE SOFTWARE (fc1)).
I´m configuring the port-security maximum using the following commands:
switchport port-security maximum 1 vlan access
switchport port-security maximum 1 vlan voice
I dont know why some times this work, some times do not work.
to solve the issue I had to use the three commands:
switchport port-security maximum 2
switchport port-security maximum 1 vlan access
switchport port-security maximum 1 vlan voice
the documentation do not say nothing about if I have to use the three commands together.
Solved! Go to Solution.
- Labels:
-
Other Switching
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-11-2015 04:06 AM
Hi,
This is an excerpt from the Configuration Guide for your box and IOS-XE release:
Each VLAN can be configured with a maximum count that is greater than the value configured on the port. Also, the sum of the maximum configured values for all the VLANs can exceed the maximum configured for the port. In either of these situations, the number of MAC addresses secured on each VLAN is limited to the lesser of the VLAN configuration maximum and the port configuration maximum. Also, the number of addresses secured on the port across all VLANs cannot exceed a maximum that is configured on the port.
The default "switchport port-security maximum" value for the port is "1". So unless you change this value to "2" your port can sense max. 1 MAC address in either vlan "access" or "voice" ONLY without triggering violation. This means that the total maximum number of MAC addresses allowed per all configured vlans per port equals ONE at the default only.
I hope my English makes sense.
Best regards,
Antonin
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-11-2015 04:06 AM
Hi,
This is an excerpt from the Configuration Guide for your box and IOS-XE release:
Each VLAN can be configured with a maximum count that is greater than the value configured on the port. Also, the sum of the maximum configured values for all the VLANs can exceed the maximum configured for the port. In either of these situations, the number of MAC addresses secured on each VLAN is limited to the lesser of the VLAN configuration maximum and the port configuration maximum. Also, the number of addresses secured on the port across all VLANs cannot exceed a maximum that is configured on the port.
The default "switchport port-security maximum" value for the port is "1". So unless you change this value to "2" your port can sense max. 1 MAC address in either vlan "access" or "voice" ONLY without triggering violation. This means that the total maximum number of MAC addresses allowed per all configured vlans per port equals ONE at the default only.
I hope my English makes sense.
Best regards,
Antonin
