During an overnight hardware refresh, a technician swapped the onboard NIC in a Windows file server for a new dual-port adapter. The next morning, users report they cannot reach the server. Investigation shows:
The server's NIC status reads "network cable unplugged."
Switch interface Gi1/0/24 (the server's uplink) shows err-disabled state, and the "Security violation counter" increases each time the port is manually brought up.
The VLAN assignment and cabling are confirmed correct.
Which of the following is the MOST likely reason the switch keeps disabling the port?
802.1X authentication on the switchport is configured for multi-host mode, but only one host is attached.
The DHCP snooping binding for Gi1/0/24 has expired, so the switch is discarding the server's frames.
Spanning Tree has placed the interface in a blocking state because the port's VLAN ID is inconsistent.
Port security allows only a pre-defined MAC address, and the replacement NIC reports a different MAC.
Port-security on many enterprise switches is often set to allow either a single specific MAC address or the first MAC that is learned (sticky). If a new NIC with a different hardware address is connected, the first incoming frame carries an unauthorized source MAC. That event triggers a port-security violation; in the default shutdown mode, the switch immediately places the interface in the err-disabled state and increments the violation counter each time the administrator tries to re-enable it.
Spanning Tree inconsistencies (blocking or alternate states), DHCP snooping binding expirations, or 802.1X multi-host configurations do not put an interface into err-disabled with a port-security violation, so they would not match the observed symptoms.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is port security, and how does it relate to MAC addresses?
Open an interactive chat with Bash
What does the 'err-disabled' state indicate on a switch port?
Open an interactive chat with Bash
How does a NIC's MAC address affect network connectivity?
Open an interactive chat with Bash
What is a MAC address, and why is it important for port security?
Open an interactive chat with Bash
How does 'err-disabled' state work on a switch, and what triggers it?
Open an interactive chat with Bash
What is port-security, and how does 'sticky' MAC learning function?
Open an interactive chat with Bash
What is port security on a switch?
Open an interactive chat with Bash
What happens when a port is in an err-disabled state?
Open an interactive chat with Bash
How does MAC address 'stickiness' work in port security?