Cisco Bug: CSCuj77254 - Guest VLAN-ACL for dot1x Unauthenticated host not applied in some cases

Last Modified

Nov 27, 2020

Products (145)

Cisco Catalyst 3750 Series Switches
Cisco Catalyst 3560-12PC-S Compact Switch
Cisco Catalyst 3560E-24TD-S Switch
Cisco Catalyst 3560E-48PD-SF Switch
Cisco Catalyst 2960G-24TC-L Switch
Cisco Catalyst 2960S-24PD-L Switch
Cisco Catalyst 2960-24TC-L Switch
Cisco Catalyst 3560X-48P-S Switch
Cisco ME 3400EG-2CS-A Switch
Cisco Catalyst 3750V2-24PS Switch

View all products in Bug Search Tool Login Required

Known Affected Releases

12.2(55)SE8 12.2(58)SE2

Description (partial)

Symptom:
Guest VLAN-ACL for dot1x Unauthenticated host not applied if immediately connected after an Authenticated PC.

Conditions:
This issue is seen in the following conditions:
- Cat 3750 running 12.2(55)SE8 or 12.2(58)SE2
- Port configured for Dot1x authentication
- Authentication server pushes DACL to port on Authentication Success.
- Guest VLAN has ACL on SVI.
- Rogue device is connected immediately after an Authenticated device

View Bug Details in Bug Search Tool Login Required

Why Is Login Required?

Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

Full Description (including symptoms, conditions and workarounds)
Status
Severity
Known Fixed Releases
Related Community Discussions
Number of Related Support Cases

Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.

Learn More About Cisco Service Contracts