Thanks man,
I just added the following commands it works
switchport port-security maximum 3
switchport port-security mac-address 0030.94c2.92b0 vlan voice
Rob
On Thu, Jul 21, 2011 at 2:53 PM, Rob Clav <robclav_at_gmail.com> wrote:
> Hi Rob,
> You are missing you are configuring this feature at Voice vlan. So a new
> rules are played here.
> Please note, this is the expected behaviour.
> HTH,
> Robclav
>
>
>
>
http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.2/25sg/configura
tion/guide/port_sec.pdf
>
> � When you enable port security on an interface that is also configured
> with a voice VLAN, you must set the maximum allowed secure addresses on the
> port to two plus the maximum number of secure addresses allowed on the
> access VLAN. When the port is connected to a Cisco IP phone, the IP phone
> requires up to two MAC addresses. The IP phone address is learned on the
> voice VLAN and might also be learned on the access VLAN. Connecting a PC to
> the IP phone requires additional MAC addresses.
>
> 2011/7/21 me you <anunda19_at_gmail.com>
>
>> I am setting up port security for one computer on a port. Simple. But I am
>> having problems with the only port that has both a VIOP and computer. The
>> MAC address on the phone is showing on both VLAN. I have included all the
>> info. I am just overlooking something stupid. What is it?
>>
>> Thanks
>> Rob
>>
>>
>> sh mac add | i 0/19
>> 2 0030.94c2.92b0 DYNAMIC Fa0/19
>> 2 bcae.c52f.f4c5 DYNAMIC Fa0/19
>> 3 0030.94c2.92b0 DYNAMIC Fa0/19
>>
>>
>>
>> interface FastEthernet0/19
>> description Pete
>> switchport access vlan 2
>> switchport mode access
>> switchport voice vlan 3
>> switchport port-security
>> switchport port-security maximum 2
>> switchport port-security violation restrict
>> switchport port-security mac-address 0030.94c2.92b0
>> switchport port-security mac-address bcae.c52f.f4c5
>> load-interval 30
>> speed 100
>> duplex full
>> spanning-tree portfast
>>
>> Error
>> Jul 21 09:55:46.289: %PORT_SECURITY-2-PSECURE_VIOLATION: Security
>> violation
>> occurred, caused by MAC address 0030.94c2.92b0 on port FastEthernet0/19.
>>
>>
>> Blogs and organic groups at http://www.ccie.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
>>
>>
>>
>>
>>
>>
>>
>>
>
>
> --
> Robert Clavero
> CCIE RS/wr, CCNP, CCSP, CCSE NGX, SCSA 9, WLFES, BNP y JNCIA WX
> blog:http://robclavbcn.blogspot.com
>
> web:http://www.kubsolutions.com
Blogs and organic groups at http://www.ccie.net
Received on Thu Jul 21 2011 - 15:06:05 ART