These are described in more detail below: Shutdown – When a violation occurs in this mode, the switchport will be taken out of service and placed in the err-disabled state. Switchport Violations On Cisco equipment there are three different main violation types: shutdown, protect, and restrict. Dynamic secure MAC addresses-This type of secure MAC address is learned dynamically from the traffic that is sent through the switchport.Īccordingly, what are the port security violation modes? Subsequently, question is, what is a secure MAC address? Static secure MAC addresses-This type of secure MAC address is statically configured on a switchport and is stored in an address table and in the running configuration. When you enter this command, the interface converts all the dynamic secure MAC addresses, including those that were dynamically learned before sticky learning was enabled, to sticky secure MAC addresses. To enable sticky learning, enter the switchport port- security mac-address sticky command.
Likewise, how do I enable sticky port security? Allowing the port to continuously learn MAC addresses is a security risk. Switchport port-security mac-address sticky MAC is a port security feature that dynamically learns MAC addresses on an interface and retains the MAC information in case the Mobility Access Switch reboots. Switchport port-security mac-address sticky 1100.6450.62YC Switchport port-security mac-address sticky 0011.6450.6FDC Switchport port-security mac-address sticky 0010.6450.627C Switchport port-security mac-address sticky 0001.6450.62EC Switchport port-security mac-address sticky 1100.6650.62DH Switchport port-security mac-address sticky 0011.6430.62DC Switchport port-security mac-address sticky 0010.6459.62DC Switchport port-security mac-address sticky 0001.6650.62DC Switchport port-security mac-address sticky 1100.6450.62DL Switchport port-security mac-address sticky 0011.6450.62KC Switchport port-security mac-address sticky 0010.6450.62EC
Switchport port-security mac-address sticky 0001.6450.62DH Switchport port-security mac-address sticky 1100.6450.62DC Switchport port-security mac-address sticky 0011.6450.62DC Switchport port-security mac-address sticky 0010.6450.62DC Switchport port-security mac-address sticky 0001.6450.62DC Switchport port-security violation protect Switchport port-security mac-address sticky No service timestamps debug datetime msecĮnable secret 5 $1$mERr$oXudM0pt1ousyj22XJqei/
#Switchport port security mac address sticky mac address Pc
So I ran a test I switch did the following I take the cable off the offending PC go to int f0/2 no switchport port-security mac-address 0001.97BC. Switch_UD109(config-if)#switchport port-security violation protect Switch_UD109(config-if)#switchport port-security mac-address sticky 0001.6450.62DC The sticky keyword instructs the switch to dynamically learn the MAC address of the currently connected host. Switch_UD109(config-if)#switchport port-security maximum 1