[cisco-voip] switchport port-security sticky for IP phones
Peter Pauly
ppauly at gmail.com
Fri Apr 10 14:48:57 EDT 2009
Actually, I'm setting it to 3.
Here's a typical example of a recommended setup:
switchport port-security
switchport port-security maximum 3
switchport port-security maximum 2 vlan access
switchport port-security maximum 1 vlan voice
switchport port-security violation shutdown
switchport port-security mac-address sticky
switchport port-security mac-address sticky 1111.1111.1111 vlan access
switchport port-security mac-address sticky 2222.2222.2222 vlan access
switchport port-security mac-address sticky 2222.2222.2222 vlan voice
I only ever see two entries, one for the PC (access vlan) and one for
the phone (voice vlan). I never see two for the phone.
On Fri, Apr 10, 2009 at 2:42 PM, Mike Wilusz
<mikewilusz at pricechopper.com> wrote:
> Peter,
>
> We're using "sticky" mode for PCs and phones. Are you setting the port to
> detect 2 macs? "switch port-security maximum 2"
>
> Mike Wilusz, CCNA
> Telecommunications & Networking Supervisor
> Price Chopper Supermarkets / The Golub Corporation
>
>
>
>
>> From: Peter Pauly <ppauly at gmail.com>
>> Date: Fri, 10 Apr 2009 14:31:51 -0400
>> To: <cisco-voip at puck.nether.net>
>> Subject: [cisco-voip] switchport port-security sticky for IP phones
>>
>> All the examples of port security I've found show that an IP phone
>> needs two mac-address entries, one for the voice vlan and one for the
>> access vlan. When turning on "sticky" mode, I only ever see an entry
>> created for the voice vlan, never for the access vlan, even when
>> power-cycling the phone.
>> _______________________________________________
>> cisco-voip mailing list
>> cisco-voip at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-voip
>
>
More information about the cisco-voip
mailing list