Guest

Preview Tool

Cisco Bug: CSCup92246 - NG3K: Default deny SGACL policy dropping management traffic

Last Modified

Sep 14, 2019

Products (1)

  • Cisco Catalyst 3850 Series Switches

Known Affected Releases

15.0(1)EZ3 15.2(2)E 3.6(0)E

Description (partial)

Symptom:
The traffic to switch management is blocked when it should be permitted according to SGACL policy.

Conditions:
Global SGT enforcement is enabled on the switch.

cts role-based enforcement

also enforcement on the switch vlan is enabled:

cts role-based enforcement vlan-list 100

Default policy on the ISE is configured to deny.

Related Community Discussions

Converged Access - 3.3.4 Beta Available
Download link On 8-15-2014, interim build 3.14.30EZP was posted at https://upload.cisco.com/cgi-bin/swc/fileexg/main.cgi?CONTYPES=WNG under Forum: Unified Access EFT   Support For any new issues while testing this code, please report to 5760-mr4-feedback@external.cisco.com   Images ct5760* is for 5760 wireless controller cat3k* is for Catalyst 3850 and 3650 converged access switches   Issues fixed on this Release   Bug Id Bug Headline CSCum91301 IPDT: Standby crashes due to host table corruption ...
Latest activity: Aug 29, 2014
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.