Guest

Preview Tool

Cisco Bug: CSCuj88557 - 4500 DOT1x the same ACL not implemented on the multiple ports

Last Modified

Nov 27, 2020

Products (2)

  • Cisco 2600 Series Multiservice Platforms
  • Cisco 2600 Series Multiservice Platforms

Known Affected Releases

15.2(1)E

Description (partial)

Symptom:
dACL is not applied on the port (or is deactivated on the ports on which it is already applied).
Error message is seen in "debug ip admission api":

002864: *Oct 17 08:39:11.698: ip_admission_api:GaliosEpm_hostPolicyUpdate: Adding 1 ACEs to ACL NACL_xACSACLx-IP-PERMIT_ALL_TRAFFIC-5165e13c failed!

Conditions:
- dot1x and dACL are being used 
- 4500 platform
- the same dACL applied on multiple ports
- one device per port, so device tracking is not substituing ANY with IP address in dACL
- seen on 03.05.00.E
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.