[c-nsp] PVLAN and Port Security on Cat6500

Rubens Kuhl Jr. rubens at email.com
Thu Aug 12 22:45:50 EDT 2004


Follow-up: although undocumented, Native IOS on Cat 6k can't do pvlan and
port-security at the same time, for now. A DDTS has been opened on this
issue, but it doesn't have a public description so its not accessible to
!@cisco.com.



Rubens

----- Original Message ----- 
From: "Rubens Kuhl Jr." <rubens at email.com>
To: <bep at whack.org>
Cc: <cisco-nsp at puck.nether.net>
Sent: Tuesday, August 10, 2004 1:43 PM
Subject: Re: [c-nsp] PVLAN and Port Security on Cat6500


>
> Doing "switchport mode access" before applying port security takes the
port out of pvlan mode, so port-security works then, but not on pvlan mode.
>
> This is what happens when a pvlan configured port receives a port-security
command:
>
> switch(config-if)# switchport port-security
> Command rejected: Gix/y not an access port.
>
> This is what happens when a port-security configured port receives a pvlan
command:
>
> switch(config-if)#switchport mode private-vlan promiscuous
> Command rejected: Gix/y is Port Security enabled port.
>
>
> Rubens
>
>
> | Hi all.
> |
> | I'm trying to configure a port to be a pvlan port with port security,
> | but the switch(Cat 6500, Sup 720, IOS 12.2SX) is refusing the
> | configuration. If port-security is enabled prior to entering a
> | "switchport mode private-vlan host", it complains about port security.
> | If private-vlan host is configured and then one tries to apply port
> | security to it, it complains that the port is not an access port.
> |
> | I've found no mention on configuration guides or release notes that this
> | mix (pvlan and port security) is not supported... any ideas ?
> |
>
> Maybe a silly question, but did you try doing "switchport mode access"
> before applying the port security?
>
> - --
> =========
> bep
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.2 (MingW32
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>



More information about the cisco-nsp mailing list