Guest

Preview Tool

Cisco Bug: CSCta01205 - Critical Authz recovery - MDA - Cat6K

Last Modified

Aug 18, 2017

Products (1)

  • Cisco Catalyst 6000 Series Switches

Known Affected Releases

12.2(33)SXI

Description (partial)

Symptom:

When a device connects behind an authenticated and fully functional IP phone when AAA server is auavailable, the device is placed on the Critical VLAN due to Critical Authorization.

When the AAA server comes back ALIVE, the switch should re-authenticate the critically authorized device. However, when this is done today, the switch sends out a multicast EAP Request and NOT unicast EAP Request. This undesirably causes both the IP phone and the device behind it to re-authenticate on the port and this causes service disruption for the IP phone.

Conditions:
Issue is only seen when Critical Authorization is configured for recovery.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.