1. Home
  2. Cisco Systems
  3. CCNA switching lab doesn't work - port violation shutdown

CCNA switching lab doesn't work - port violation shutdown

I've posted this elsewhere to no avail, please save my sanity...

This one should be a simple one, but I cannot figure out how to do it.

I've enabled switchport port security on a port using the sticky setting, maximum MAC addresses as one and violate as shutdown. I can re-enable the port using the web interface but cannot figure out the syntax to bring it back up using the IOS CLI. There is an switchport ageing command set to 2 minutes, I assumed that that would try to see if the permitted MAC address(es) were plugged back in and re-enable it but it doesn't.

I've tried everything, issueing "no" versions of everything showing in show run, I've cleared the mac-address-list and put the supposedly known good NIC back into the port. I can issue no shutdown till I'm blue in the face, it just stays in an err-disabled state and refuses to come back up.

The only ways I can get the interface back up is via the browser or by rebooting the switch. Both of these scenarios seem like cheating, especially when the Networking Academy lab says it should work with a simple no shutdown.

All help is appreciated.

Cheers

Steve

Reply to
spurdy88
Loading thread data ...

Have you tried to put that port first into shutdown (shut - no shut) so it changes it state from errdisable to shutdown?

These might also help: (config)#errdisable recovery cause psecure-violation (config)#errdisable recovery interval ? timer-interval(sec)

Reply to
Seppo Mannisto

I had tried those out but they just made the interface come straight back up despitet the fact that I had set the interval to 300 seconds.

I'll try shutdown before no shutdown later and let you know if that worked.

Many thanks for the suggestions.

Regards

Steve

Reply to
spurdy88

Google for [4500 errdisable no shutdown] returns as first hit:-

formatting link
"When a secure port is in the error-disabled state, you can bring it out of this state by entering the 'errdisable recovery cause psecure_violation' global configuration command or you can manually reenable it by entering the 'shutdown' and 'no shutdown' interface configuration commands."

As suggested

shut no shut

should do it.

Reply to
anybody43

I've tried the shutdown followed by no shudown and that brought the interface back up, exactly the point I had wasted 3 nights trying to get to.

I'll have a go with some of the other bits suggested maybe at the weekend.

Thank you very much for all of your help.

Regards

Steve

Reply to
spurdy88

The key thing here is that you need to be able to investigate these things more efficiently yourself.

That was why I tried to show how easy it was to find the exact document that you needed. Well, easy when you know what to put in.

Imagine how hard it was before Cisco bought search technology from Google.

One thing is that you will now /never/ forget that one.

Reply to
anybody43

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.