Cisco DS-C9124-K9 Troubleshooting Guide - Page 365
Verifying Port Security Violations Using the CLI
View all Cisco DS-C9124-K9 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 365 highlights
Chapter 19 Troubleshooting FC-SP, Port Security, and Fabric Binding Port Security Issues Send documentation comments to [email protected] Step 3 Optionally, remove the device from the switch, choose Switches > Interfaces > FC Physical and select up from the Admin Status drop-down menu to bring the port back online. Click Apply Changes. Note You may need to set the interface down and then up to bring it back online. Verifying Port Security Violations Using the CLI To verify port security violations using the CLI, follow these steps: Step 1 Use the show port-security violations command and search for the interface that is shut down. switch# show port-security violations VSAN Interface Logging-in Entity Last-Time [Repeat count] 1 fc1/13 21:00:00:e0:8b:06:d9:1d(pwwn) Jul 9 08:32:20 2003 [20] 20:00:00:e0:8b:06:d9:1d(nwwn) 1 fc1/12 50:06:04:82:bc:01:c3:84(pwwn) Jul 9 08:32:20 2003 [1] 50:06:04:82:bc:01:c3:84(nwwn) 2 port-channel 1 20:00:00:05:30:00:95:de(swwn) Jul 9 08:32:40 2003 [1] [Total 2 entries] Step 2 In this example, pWWN 21:00:00:e0:8b:06:d9:1d is causing interface fc1/13 to be shut down because of port security violations. Optionally follow these steps to add the device to the port security database: a. Use the port-security database copy command to copy the active database to the configure database. This ensures that no learned entries are lost. switch# port-security database copy vsan 3 b. Use the port-security database command to add a new entry into the configure database. switch(config)# port-security database vsan 3 switch(config-port-security)# pwwn 20:11:33:11:00:2a:4a:66 swwn 20:00:00:0c:85:90:3e:80 interface fc1/13 c. Use the port-security activate command to copy the configure database to the active database and reactivate port security. switch(config)# port-security activate vsan 3 d. If CFS distribution is enabled, use the port-security commit command to distribute these changes. switch(config)# port-security commit vsan 3 Step 3 e. Use the no shutdown command in interface mode to bring the port back online. Optionally, remove the device from the switch and use the no shutdown command to bring the port back online. OL-9285-05 Cisco MDS 9000 Family Troubleshooting Guide, Release 3.x 19-11