3.1.4
Testing violations
3.1.4.1 Unauthorized MAC on non-provisioned port
Figure 3: Example 1; unauthorized MAC on non-provisioned port
The unauthorized device is not able to send any traffic into the network; however it is still able to see
broadcast and unknown traffic flowing in the VLAN; if this is undesired the MAC Security should be
configured to partition the port upon an access violation.
Verify log file on switch
Avaya-ERS-Switch# show log
Type Time
---- ----------------------------- ---- --- -------
I
00:05:53:48
I
00:05:53:52
I
00:05:53:52
November 2010
Idx
Src Message
1
Link Up Trap for Port: 5
2
Bay Secure intruder MAC 00-e0-4c-77-67-01
port 5
3
Trap:
s5EtrNewSbsMacAccessViolation
Avaya Inc. – Internal Distribution
avaya.com
26