question about port security

blackberryblackberry Member Posts: 59 ■■□□□□□□□□
in CCNA Security
I enabled port security on a device
switchport port security
switchport port security maximum 2
switchport port security violation shutdown
switchport port security mac-address sticky


I took out the mac address sticky command and when I put in a new device it shuts down automatically. I clear all port security commands and the device comes on. When I try to add port security command it shut down right away. First time this has happened
· Share on FacebookShare on Twitter

Comments

  • Legacy UserLegacy User Unregistered / Not Logged In Posts: 0 ■□□□□□□□□□
    Does it work when you keep the mac-address sticky?
    · Share on FacebookShare on Twitter
  • blackberryblackberry Member Posts: 59 ■■□□□□□□□□
    no it shuts down once I put in the port security command.
    · Share on FacebookShare on Twitter
  • vyaraguddavyaragudda Member Posts: 7 ■□□□□□□□□□
    I think there is a command missing switchport mode access

    This could help you

    ! Begin by entering the interface you want to configure port security on.

    SwitchX(config)#interface fa0/5

    ! Next set the port as a static access port.
    ! This must be done before enabling port security.

    SwitchX(config-if)#switchport mode access

    ! Next Enable Port Security

    SwitchX(config-if)#switchport port-security

    ! Next Set the Maximum number of MAC addresses to be seen,
    ! or allowed on this port.

    SwitchX(config-if)#switchport port-security maximum 1

    ! Next configure "Sticky MAC Address Learning" In essence this says
    ! to take the first MAC address I see and make it a permanent MAC address.

    SwitchX(config-if)#switchport port-security mac-address sticky

    ! Finally set the action to happen if a violation occurs.
    ! In this case the port will be shutdown,
    ! or end up in a state of ERR-Disable.
    ! You can verify this with a Show Interface.

    SwitchX(config-if)#switchport port-security violation shutdown
    · Share on FacebookShare on Twitter
  • blackberryblackberry Member Posts: 59 ■■□□□□□□□□
    thanks for the reply,

    I have configured port security on the port before. I took out the device from this port and have added a new device...typically i can take off the mac address sticky command and the port will recognize the new macs but on this occasion i have to take out all port security commands because the port shuts off instantly. I would think the shut and no shut would clear the mac addresses.
    · Share on FacebookShare on Twitter
  • chiefwarrant250nchiefwarrant250n Member Posts: 17 ■□□□□□□□□□
    If you're port is shutdown from a violation you have to clear it and do a shut no shut on that port for it to function properly again.
    · Share on FacebookShare on Twitter
Sign In or Register to comment.