3.1.4.3 Unauthorized MAC sharing connection with authorized MAC
Figure 5: Example 1; unauthorized MAC sharing connection with authorized MAC
The unauthorized device is not able to send any traffic into the network but station with IP 30.0.0.2 can
still talk to the network. However the unauthorized device is still able to see broadcast and unknown traffic
flowing in the VLAN and, if a shared hub was inserted on the network connection, it can also see all of
traffic sent and received by station with IP 30.0.0.2; if this is undesired the MAC Security should be
configured to partition the port upon an access violation.
Verify log file on switch
Avaya-ERS-Switch# show log
Type Time
---- ----------------------------- ---- --- -------
I
00:06:24:58
I
00:06:25:01
I
00:06:25:05
I
00:06:25:05
November 2010
Idx
Src Message
1
Link Down Trap for Port: 1
2
Link Up Trap for Port: 1
4
Bay Secure intruder MAC 00-e0-4c-77-67-01
port 1
5
Trap:
s5EtrNewSbsMacAccessViolation
Avaya Inc. – Internal Distribution
avaya.com
30