From: Jason Cash (cash2001@swbell.net)
Date: Tue Apr 08 2003 - 01:13:14 GMT-3
Thanks alot! Although it wasn't on F0/1, I did move it from another
port to F0/7. Removing the config on the interface and rebooting seemed
to have resolved the issue.
3550-1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
3550-1(config)#int f0/7
3550-1(config-if)#swi
3550-1(config-if)#switchport port
3550-1(config-if)#switchport port-security vio
3550-1(config-if)#switchport port-security violation shut
3550-1(config-if)#switchport port-security violation shutdown
3550-1(config-if)#^Z
3550-1#sh run
interface FastEthernet0/7
description R7 - F0/0
switchport access vlan 567
switchport mode access
switchport port-security
switchport port-security mac-address 0009.b769.5f00
no ip address
duplex full
speed 100
storm-control broadcast level 30.00
spanning-tree portfast
-----Original Message-----
From: David Porta [mailto:David.Porta003@msd.govt.nz]
Sent: Monday, April 07, 2003 10:51 PM
To: Jason Cash
Subject: Re: 3550 static portsecurity
Hi Jason,
When you configured this feature you probably had the device with the
MAC 0009.b769.5f00 connected to the fa0/1 on the 3550.
Try the following:
1. erase the configuration on port fa0/7
2. have port fa0/7 disconnected from the device with the MAC
0009.b769.5f00
3. reboot the switch
4. statically configure port fa0/7 as an access port (switchport mode
access)
5. configure fa0/7 with port security for the specific MAC.
Let me know if that works for you.
Jason Cash wrote:
>
> I am trying to define a static mac-address under port security, but it
> doesn't show up in the config nor as a static entry. What am I
> missing?!
>
> 3550-1#conf t
> Enter configuration commands, one per line. End with CNTL/Z.
> 3550-1(config)#int f0/7
> 3550-1(config-if)#switchport port-security mac-address 0009.b769.5f00
> 3550-1(config-if)#^Z
> 3550-1#sh port-security add
> Secure Mac Address Table
> -------------------------------------------------------------------
> Vlan Mac Address Type Ports Remaining Age
> 567 0009.b769.5f00 SecureDynamic Fa0/7 1440 (I)
> -------------------------------------------------------------------
> Total Addresses in System : 1
> Max Addresses limit in System : 128
>
> 3550-1#sh port-security int f0/7
> Port Security : Enabled
> Port status : SecureUp
> Violation mode : Shutdown
> Maximum MAC Addresses : 1
> Total MAC Addresses : 1
> Configured MAC Addresses : 0
> Sticky MAC Addresses : 0
> Aging time : 1440 mins
> Aging type : Inactivity
> SecureStatic address aging : Enabled
> Security Violation count : 0
>
> 3550-1#sh run | beg interface FastEthernet0/7
> interface FastEthernet0/7
> description R7 - F0/0
> switchport access vlan 567
> switchport mode access
> switchport port-security
> switchport port-security aging time 1440
> switchport port-security aging type inactivity
> switchport port-security aging static
> no ip address
> duplex full
> speed 100
> spanning-tree portfast
----------------------------------- David Porta MSD Network Support +064..04.916.3222
------------------------------- This email message and any attachment(s) is intended only for the person(s) or entity(entities) to whom it is addressed. The information it contains may be classified as IN CONFIDENCE and may be legally privileged. If you are not the intended recipient any use, disclosure or copying of the message or attachment(s) is strictly prohibited. If you have received this message in error please notify us immediately and destroy it and any attachment(s). Thank you. The Ministry of Social Development accepts no responsibility for changes made to this message or to any attachment(s) after transmission from the Ministry. -------------------------------
This archive was generated by hypermail 2.1.4 : Thu May 01 2003 - 13:35:48 GMT-3