Cisco Port-Security

howler · 17 Sep 2012 at 11:12

I'm having some trouble with my port-security config on a 2960

mac-address security is enabled on all the ports, the problem is that devices connected on the same switch cannot ping each other, ports 1 & 2 in this case

If I disable port security it starts working, also devices on this switch can access resources on the another switch that is connected to it

This is my port-sec config on the interfaces, I'm sure I'm missing something stupid but don't know what

Code:

interface GigabitEthernet0/1
 switchport mode access
 switchport protected
 switchport port-security
 switchport port-security violation restrict
 switchport port-security mac-address xxxx.xxxx.xxxx vlan access
!
interface GigabitEthernet0/2
 switchport mode access
 switchport protected
 switchport port-security
 switchport port-security violation restrict
 switchport port-security mac-address xxxx.xxxx.xxxx vlan access

Laser402 · 17 Sep 2012 at 11:21

Any reason for having switchport protected?

I believe this stops L2 communication between hosts.

http://packetlife.net/blog/2008/aug/21/protected-switchports/https://learningnetwork.cisco.com/thread/31691

howler · 17 Sep 2012 at 11:26

that will be it, I turned on switchport protected as it was advised in the cisco article I read, probably should have paid more attention to what it actually did!

Laser402 · 17 Sep 2012 at 11:31