Cisco Bug: CSCuo55022 - 3850 hosts not getting DHCP addresses when Port-security is enabled
Last Modified
Oct 14, 2019
Products (1)
- Cisco Catalyst 3850 Series Switches
Known Affected Releases
15.0(1)S3.3
Description (partial)
Symptom: When connecting a host into an access-port with Port-security enabled and using VLAN 325, the switch is not learning the MAC address of the end device and no DHCP address is leased to this host. The following errors can be seen during the issue: Mar 26 18:55:22.255: PSECURE: swidb = GigabitEthernet1/0/16 mac_addr = 5cf6.dc1b.ce17 vlanid = 325 Mar 26 18:55:22.255: PSECURE: Adding address vlan 325 5cf6.dc1b.ce17 to port-security Mar 26 18:55:22.255: PSECURE: Adding addresses to port-security sub block Mar 26 18:55:22.255: PSECURE: Internal error in adding address Conditions: Use of VLAN 325 plus Port-security on access ports. Example of port configuration: interface GigabitEthernet1/0/16 switchport access vlan 325 switchport mode access switchport port-security switchport port-security aging time 2 switchport port-security violation restrict switchport port-security aging type inactivity spanning-tree portfast spanning-tree bpduguard enable
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Status
- Severity
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases