Fibre Channel (SAN)

Reply
Highlighted
New Contributor
Posts: 3
Registered: ‎02-15-2010
Accepted Solution

How to get past the "public device security violation"

 

 

DCX8510-8 running 7.4.1.b.    We brought a new storage array onto the switch, and see this message on the ports "public device security violation"  .. re-enabling the ports does not clear the problem ?    ?known problem?   ?how to clear permanently?

 

also seen on 6510. Do not see this against an older model of storage Array. ( Storage array is  DDN SFA14KX  .. We've attempted to clear the error,  and to -re-enable' the port but the port status goes back to "public device security violation".  The DCC feature we've NEVER enabled on our switches, so don't understand why we're getting this error at this time, and can't seemingly get around it.

 

Have upgraded the DCX8510-8  to 8.1.0.a   and still plagued by this. 

Brocade Moderator
Posts: 311
Registered: ‎08-31-2009

Re: How to get past the "public device security violation"

Hello,

 

Please can you run commands below on concerned switch:

 

secpolicyshow "active"

secpolicyshow "defined"

secpolicydump

secpolicydump "active"

Any and all information provided by me is not reviewed, approved or endorsed by Brocade and is provided solely as a convenience for Brocade customers. All systems and all networks are different and unique. If you have a service affecting network problem, please open a TAC service request for service through Brocade, or through your OEM equipment provider. If this provided you with a solution to this issue, please mark it with the button at the bottom "Accept as solution"
New Contributor
Posts: 3
Registered: ‎02-15-2010

Re: How to get past the "public device security violation"

 

co-sw-17:FID128:admin> secpolicyshow "active"

 

 

____________________________________________________

                ACTIVE POLICY SET

 

co-sw-17:FID128:admin> secpolicyshow "defined"

 

____________________________________________________

                DEFINED POLICY SET

 

co-sw-17:FID128:admin> secpolicydump

 ____________________________________________________

                ACTIVE POLICY SET

 

 ____________________________________________________

                DEFINED POLICY SET

 

co-sw-17:FID128:admin> secpolicydump "active"

 

____________________________________________________

                ACTIVE POLICY SET

 

co-sw-17:FID128:admin>

 

Brocade Moderator
Posts: 311
Registered: ‎08-31-2009

Re: How to get past the "public device security violation"

Looking like there is nothing configured but I suspect something is wrong.

 

Please can you run the commands below:

 

secpolicydelete ALL_DCC_POLICY

secpolicydelete ALL_STALE_DCC_POLICY

 

Do portdisable and enable for concerned ports.

 

 

Any and all information provided by me is not reviewed, approved or endorsed by Brocade and is provided solely as a convenience for Brocade customers. All systems and all networks are different and unique. If you have a service affecting network problem, please open a TAC service request for service through Brocade, or through your OEM equipment provider. If this provided you with a solution to this issue, please mark it with the button at the bottom "Accept as solution"
Brocade Moderator
Posts: 311
Registered: ‎08-31-2009

Re: How to get past the "public device security violation"

Can you provide the messages in the logs concerning the security violation?

Any and all information provided by me is not reviewed, approved or endorsed by Brocade and is provided solely as a convenience for Brocade customers. All systems and all networks are different and unique. If you have a service affecting network problem, please open a TAC service request for service through Brocade, or through your OEM equipment provider. If this provided you with a solution to this issue, please mark it with the button at the bottom "Accept as solution"
Brocade Moderator
Posts: 311
Registered: ‎08-31-2009

Re: How to get past the "public device security violation"

I have seen a case in the past where HBA was presenting null WWN. This was a HBA issue.

 

The logs were showing:

 

[SWCH-1002], 174, FID 128, INFO,
switch, Security violation: Unauthorized device 00:00:00:00:00:00:00:00 tries to flogin to port 6.

 

2016/01/28-16:20:32, [SWCH-1002], 213, FID 128, INFO,
switch, Security violation: Unauthorized device 00:00:00:00:00:00:00:00 tries to flogin to port 8.

Any and all information provided by me is not reviewed, approved or endorsed by Brocade and is provided solely as a convenience for Brocade customers. All systems and all networks are different and unique. If you have a service affecting network problem, please open a TAC service request for service through Brocade, or through your OEM equipment provider. If this provided you with a solution to this issue, please mark it with the button at the bottom "Accept as solution"
New Contributor
Posts: 3
Registered: ‎02-15-2010

Re: How to get past the "public device security violation"

Thank you Thierry. Your last comment was exactly what was happening, the storage array was initially clocking out a null WWN ! !

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.

Download FREE NVMe eBook