Cisco 2950 port-security problem.

Hello, there.

I wanted to test the port-security limiting the number of the computer connected
to single port. So I did the following on fa0/9

int fa0/9
switchport mode access
switchport port-security maximum 1
switchport port-security violation shutdown

after putting in these commands, I did "show run"
but somehow under "int fa0/9"
it would list "switchport mode access" only.

IOS is c2950-i6q4l2-mz.121-22.EA1.bin
when I was putting in those commands, I didn't encounter any error messages.
So I guess, that is supported on my ios version. right?

I tried connecting low-end netgear switch and had 3 computers
attached to that netgear.

I was able to surf internet through all those computers.
Port was still active. Not shutdown.

Would somebody help please?
Thank you in advance.

Find more posts tagged with

SAVE $250 on Your CISCO Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View CISCO Boot Camps

Comments

szmarcek

Hi there,

I think (though I might be wrong) that you need to enable port security first! So for example if you enter something like this

switchport mode access -
switchport port-security violation protect
switchport port-security mac-address 0011.5bf4.4d45

it will not be enough and even though you have set the security mode you will still be able to connect other mac-address then 0011.5bf4.4d45 and get access.

To enable port security enter

switchport port-security

and then

switchport port-security violation protect
switchport port-security mac-address 0011.5bf4.4d45

Try it out and let us know if it works.

Regards

josunin75

Thank you.
Putting that command helped.

When I put in the command "switchport port-security" by itself,

now it list under int fa0/9

"
switchport mode access
switchport port-security
"

when I put in two computers through netgear, now the port would shut down.
However, still I don't see the other commands I put in running configuration.
How come?
How would I find out if I were to troubleshoot ports shutting down
if I cannot see port-security commands implementation in running-configuration?

Thanks again for your quick reply.

rsutton

josunin75 wrote: »

How would I find out if I were to troubleshoot ports shutting down
if I cannot see port-security commands implementation in running-configuration?

If I remember correctly, ports that are shut down VIA port security will be displayed as err-down when doing a Show Interface.

josunin75

Thanks for the reply.

I think, that's how it is supposed to shown in running-configuration.
and other option such as number of mac in each port allowed which was
configured through
"switchport port-security maximum
switchport port-security violation shutdown"

those commands are only shown when
"show port-security interface 0/9 (or which ever port configured)"
as number of mac allowed and violation mode :shutdown?
if I remember correctly.

I did tried those commands 3550 EMI switch.
Still same result.

I guess, this is how it is.
Or is it? ^^;;

BennyLava

Both of those commands are defaults and defaults don't show up in the config.