This post is more than 5 years old
1 Rookie
•
5 Posts
0
95971
June 23rd, 2015 09:00
N2048 Port security not working
Hi Experts,
We just deployed a new site which uses Dell N2048 switches in a stack.
We would now like to add port security to the switch, Port-MAC locking to lockdown a port if another computer is connected.
According to the manual, to set this up we only need to se the port to locked under the GUI under Switching, Network Security, Port Security.
This does not activate it.
We tried to add it via the command line, under the test ports, it now shows:
switchport port-security dynamic 1
Port security is still not activated. Is there something else that needs to be activated globally to make this work or other commands?
Thanks,
No Events found!
Martin Harrison1
1 Rookie
•
5 Posts
0
August 31st, 2015 13:00
The output of # show port-security is as follows:
Port Security Administration Mode: Enabled
It's possible that the tests were not done quick enough. I increased the timeout and will ask them to test again.
Thanks,
joshgfeller11
5 Posts
0
November 20th, 2015 14:00
Here is the new config that seems to work with the maximum set.
interface Gi1/0/1
storm-control broadcast level 1
storm-control broadcast action shutdown
spanning-tree portfast
switchport port-security
switchport port-security dynamic 1
switchport port-security maximum 1
switchport port-security mac-address sticky
switchport port-security mac-address sticky 782B.CBF7.0DD4 vlan 1
green-mode energy-detect
green-mode eee
exit
!
Martin Harrison1
1 Rookie
•
5 Posts
0
June 23rd, 2015 13:00
This is at a remote site in China. We have someone connect a different computer to an active port in order to trigger the port to get locked out.
I added the global setting, which was missing, doh.
I asked them to test again.
Thanks,
Martin Harrison1
1 Rookie
•
5 Posts
0
August 28th, 2015 12:00
They finally got around to testing. The port security didn't kick in.
In the configuration, under the two test ports we have the following line:
# switchport port-security dynamic 1
At the end of the config, just before the last exit:
# switchport port-security
Is there anything else to configure? If I go into the web interface, the port is listed as unlocked in the port security section. Do I need to set it to locked? If I do, there is a line "switchport port-security" that is added to the configuration but the result is the same.
Thanks,
cornponious
1 Rookie
•
4 Posts
0
October 5th, 2021 05:00
Sorry to pop in six years later, but it looks like you didn't set the violation action.
The command would be: switchport port-security violation shutdown
And then enable port security on that interface. It not only needs to be globally enabled, but also on that particular interface.