Guest

Preview Tool

Cisco Bug: CSCur21816 - 3850 dot1x idle-timout value set to 10 seconds even if not configured.

Last Modified

Jan 29, 2017

Products (1)

  • Cisco IOS

Known Affected Releases

3.6(0)

Description (partial)

Symptom:
--    WS-C3850-48T  switch running IOS XE verison     03.06.00E  configured as a switch stack.
--Dot1x is configured on the switchport and the client is authenticated and authorized correctly.
--However as per  the output of "show authentication session " on the interface, the idle timeout is set to 10 seconds, which causes the device to be reauthenticated every 10 seconds if no traffic is seen on that port.

Conditions:
--Wired dot1x authentication authenticated by ISE
--WS-3850-48T Switch running 3.6.0E in a stack model
--No idle timeout (Radius Attributes 28) configured in the Authorization Profile on ISE.
--No identity service template configured on switch and no periodic authentication enabled as well.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.