Cisco Cisco IOS Software Release 12.2(55)SE

CSCto06796 

When you disable an interface and configure voice and data on the same VLAN and enable the 
interface: 

It causes a security violation but voice and data is authorized.

The configuration for the data VLAN policy changes after authentication. Use the show run 
interface configuration command to see this.

When you configure voice and data on the same VLAN on an enabled interface, it causes a security 
violation and an error message is displayed. 

In both cases the workaround is to configure voice and data on separate VLANs.

The workaround is to use port security without dot1x authentication.

CSCto99322

If the switch is in multidomain authorization (MDA) mode and it receives three or more MAC 
addresses simultaneously or if the switch is in single-host mode and it receives two or more MAC 
addresses simultaneously, a security violation trap occurs in the shutdown and protect violation 
modes.

The workaround is to connect one device at a time.

CSCtq06316 

If you configure multidomain authentication (MDA) with Open1x authentication and the restrict 
violation mode, a security violation occurs if the MAC address on the voice LAN is the last MAC 
address that the switch receives. However, the MAC address is added to the table as a dynamic MAC 
address and the connected data VLANs continue to access the interface.

The workaround is to connect the voice device first.

CSCtq06842 

In the multidomain  authentication (MDA) mode, if you configure the network-policy profile 
global configuration command and you remove a voice VLAN at the interface level after 
authentication, tracebacks and error messages are generated. 

There is no workaround.