Guest

Preview Tool

Cisco Bug: CSCuo24023 - 3750 MKA host-switch macsec does not allow MAB to run

Last Modified

Jan 29, 2017

Products (1)

  • Cisco IOS

Known Affected Releases

15.2(1.1)

Description (partial)

Symptom:
On 3750 with 152-1.E1 when the port is configured with dot1x+mab+macsec after switching from Anyconnect NAM macsec profile to mab profile the port can not detect any mac address, no authentication can happen, "shutdown/no shutdown" does not help to resolve the issue. At that stage interface counters for incoming packets are not increasing, but CRC errors are increasing. There is no macsec session anymore. Mac address is not available when using "show mac address" but it can be seen when checking tcams.

Conditions:
3750 port configured for dot1x+mab+macsec(MKA)
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.