5.1.5
Testing violations
5.1.5.1 Unauthorized MAC on provisioned port
Figure 20: Example 6; unauthorized MAC on provisioned port
The unauthorized device is not able to send any traffic into the network; however it is still able to see
broadcast and unknown traffic flowing in the VLAN; if this is undesired the MAC Security should be
configured to partition the port upon an access violation.
Verify log file on switch
Avaya-ERS-Switch# show log
Type Time
---- ----------------------------- ---- --- -------
I
16:02:19:46
I
16:02:19:51
I
16:02:19:55
I
16:02:19:55
I
16:02:19:55
November 2010
Idx
Src Message
1
Link Down Trap for Port: 1
2
Link Up Trap for Port: 1
3
Bay Secure: Exceeded 1 per-port MAC
addresses on port 0/1
4
Bay Secure intruder MAC 00-e0-4c-77-67-01
port 1
5
Trap:
s5EtrNewSbsMacAccessViolation
Avaya Inc. – Internal Distribution
avaya.com
101