Excerpts from Richard A Steenbergen's message of Thu Mar 25 16:52:15 -0700 2010: > On Thu, Mar 25, 2010 at 03:13:31PM -0400, Paul Stewart wrote: > > The problem I'm facing we're tripping the port security on the exchange > > switch: > > > > Mar 24 15:36:52.773 EDT: %PORT_SECURITY-2-PSECURE_VIOLATION: Security > > violation occurred, caused by MAC address 000b.45b6.f500 on port > > FastEthernet0/1. > > > > It is obviously seeing several MAC addresses and doesn't like this. so I'm > > trying to adapt a "best practice" here based on what other folks have > > encountered along the way as we're trying our best to learn Juniper better > > ;) > > The MAC address vendor database says 000b45 is Cisco, so either you have > a misconfiguration or your Juniper is leaking something it shouldn't be, > but at least is isn't generating something on its own. I'd recommend you > track down that MAC address on your network and figure out how it is > getting to the exchange, since if the Juniper is leaking things outside > of its configured vlan it is a Big Problem (tm) which needs to be fixed.
>From the original post, it sounds like Paul was using a Cisco as the router and just using his EX switch as an L2 device to connect the two, in which case, the Cisco OUI seems expected. --j _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp