Cisco Bug: CSCup71561 - Dot1x Session struck in "U" state
Nov 18, 2020
- Cisco Catalyst 4000 Series Switches
Known Affected Releases
Symptom: After a wired dot1x client is disconnected from the switchport, the session is stuck and cannot be cleared. The "show auth sessions" command output may look similar to the following: switch#sh auth sessions int gi2/0/32 detail Interface: GigabitEthernet2/0/32 IIF-ID: 0x102CB4000000F4B MAC Address: 0011.2233.4455 IPv6 Address: Unknown IPv4 Address: 192.168.2.27 (old IP address from previous swtichport access VLAN) User-Name: username.example.com Status: Unauthorized Domain: DATA Oper host mode: multi-auth Oper control dir: both Session timeout: N/A Common Session ID: AC17049400001ED3F99F40BC Acct Session ID: Unknown Handle: 0x63000D1C Current Policy: POLICY_Gi2/0/32 Blocked On: User Profile Application - apply user profile (1) Conditions: Seen on 3850 and 4500. ACL downloaded from RADIUS.
Related Community Discussions
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases