Cisco Bug: CSCuo24023 - 3750 MKA host-switch macsec does not allow MAB to run
Last Modified
Nov 27, 2020
Products (1)
- Cisco 2600 Series Multiservice Platforms
Known Affected Releases
15.2(1.1)
Description (partial)
Symptom: On 3750 with 152-1.E1 when the port is configured with dot1x+mab+macsec after switching from Anyconnect NAM macsec profile to mab profile the port can not detect any mac address, no authentication can happen, "shutdown/no shutdown" does not help to resolve the issue. At that stage interface counters for incoming packets are not increasing, but CRC errors are increasing. There is no macsec session anymore. Mac address is not available when using "show mac address" but it can be seen when checking tcams. Conditions: 3750 port configured for dot1x+mab+macsec(MKA)
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Status
- Severity
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases