Preview Tool

Cisco Bug: CSCvs14893 - 802.1x-MultiAuth/MultiDomain: C9K - Traffic drop in egress direction for Data-Vlan on a Auth port

Last Modified

Aug 25, 2020

Products (41)

  • Cisco IOS
  • Cisco Catalyst C9500-16X-E Switch
  • Cisco Catalyst 9300-48T-A Switch
  • Cisco Catalyst 9800-40 Wireless Controller
  • Cisco 4221 Integrated Services Router
  • Cisco Catalyst 9300-48U-A Switch
  • Cisco Catalyst 9300-48UXM-A Switch
  • Cisco Catalyst 9300-48P-A Switch
  • Cisco Catalyst 9300-48UN-A Switch
  • Cisco 4431 Integrated Services Router
View all products in Bug Search Tool Login Required

Known Affected Releases

16.10.1 16.12.2 17.1.1

Description (partial)

Traffic drop in egress direction for Data-Vlan on a Auth port.
Issue is not seen in 16.9.x releases.

On a C9K port enabled with Dot1x/MAB in either multi-auth or multi-domain mode, the egress traffic to the data client fails with the below exact sequence of authentication events for PC and Phone : 
1. PC mac seen on the port
2. PC mac authentication starts
3. PC mac authentication success
4. Phone mac seen on the port
5. Phone mac authentication starts
6. Phone mac authentication success

In the multi-auth mode, if the 2nd client is also a PC, then the PC2 need to have a failed authentication to run into this problem and in the problematic state, both the data clients on the port will have the egress traffic impacted.
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.