Cisco Cisco IOS Software Release 12.2(55)SE
11
Release Notes for Catalyst 2350 Switch, Cisco IOS Release 12.2(55)SE and Later
OL-23019-05
Open Caveats
Open Caveats
•
CSCto06796
When you disable an interface and configure voice and data on the same VLAN and enable the
interface:
interface:
–
It causes a security violation but voice and data is authorized.
–
The configuration for the data VLAN policy changes after authentication. Use the show run
interface configuration command to see this.
interface configuration command to see this.
When you configure voice and data on the same VLAN on an enabled interface, it causes a security
violation and an error message is displayed.
violation and an error message is displayed.
In both cases the workaround is to configure voice and data on separate VLANs.
The workaround is to use port security without dot1x authentication.
•
CSCto99322
If the switch is in multidomain authorization (MDA) mode and it receives three or more MAC
addresses simultaneously or if the switch is in single-host mode and it receives two or more MAC
addresses simultaneously, a security violation trap occurs in the shutdown and protect violation
modes.
addresses simultaneously or if the switch is in single-host mode and it receives two or more MAC
addresses simultaneously, a security violation trap occurs in the shutdown and protect violation
modes.
The workaround is to connect one device at a time.
•
CSCtq06316
If you configure multidomain authentication (MDA) with Open1x authentication and the restrict
violation mode, a security violation occurs if the MAC address on the voice LAN is the last MAC
address that the switch receives. However, the MAC address is added to the table as a dynamic MAC
address and the connected data VLANs continue to access the interface.
violation mode, a security violation occurs if the MAC address on the voice LAN is the last MAC
address that the switch receives. However, the MAC address is added to the table as a dynamic MAC
address and the connected data VLANs continue to access the interface.
The workaround is to connect the voice device first.
•
CSCtq06842
In the multidomain authentication (MDA) mode, if you configure the network-policy profile
global configuration command and you remove a voice VLAN at the interface level after
authentication, tracebacks and error messages are generated.
global configuration command and you remove a voice VLAN at the interface level after
authentication, tracebacks and error messages are generated.
There is no workaround.
Resolved Caveats
•
•
•
•
•
•
•
•
•