Guest

Preview Tool

Cisco Bug: CSCuq75936 - 4500 SUP 8E port goes to unauthorized for certain DACL lengths

Last Modified

Aug 14, 2017

Products (150)

  • Cisco IOS
  • Cisco Catalyst 3560X-48T-E Switch
  • Cisco Catalyst 3560X-48P-S Switch
  • Cisco Catalyst 2960X-24PS-L Switch
  • Cisco Catalyst 2960C-12PC-L Switch
  • Cisco Embedded Service 2020 24TC NCP B Switch
  • Cisco Catalyst 3560X-48U-S Switch
  • Cisco IE 2000-16TC-G Industrial Ethernet Switch
  • Cisco Catalyst 2960X-24PD-L Switch
  • Cisco Catalyst 2960C-8TC-S Switch
View all products in Bug Search Tool Login Required

Known Affected Releases

15.2(2)E

Description (partial)

Symptom:
Port goes into unauthorized state when DACLs of a certain length are pushed to the 4500 as a result of successful client authentication.

Conditions:
A standard numbered ACL is defined on the 4500 with (the length of the name of the DACL pushed from ISE) as the number.
For example:
If the DACL being pushed is xACSACLx-IP-ABCD1234-aabbccdd, and there is a numbered ACL with the number 29 on the switch "access-list 29 permit host 1.1.1.1", then this DACL will trigger the port to go into the unauthorized state.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.