I/G/C/B/A-Series f/w 6.61.10.0008 can issue Maclock Trap upon 802.1x Authentication Failure

  • 0
  • 1
  • Article
  • Updated 5 years ago
  • (Edited)
Article ID: 16047 

Products
I-Series; firmware 6.61.05.0009 through 6.61.10.0008
G-Series; firmware 6.61.05.0009 through 6.61.10.0008
C5-Series; firmware 6.61.05.0009 through 6.61.10.0008, 6.71.01.6.71.01.0067 through 6.71.03.0025
C3-Series; firmware 6.61.05.0009 through 6.61.10.0008
B5-Series; firmware 6.61.05.0009 through 6.61.10.0008, 6.71.01.6.71.01.0067 through 6.71.03.0025
B3-Series; firmware 6.61.05.0009 through 6.61.10.0008
A4-Series; firmware 6.61.05.0009 through 6.61.10.0008, 6.71.01.6.71.01.0067 through 6.71.03.0025 

Changes
Enabled 802.1x Authentication ('set dot1x...', 'set eapol...', 'set radius...')
Enabled MAC Locking ('set maclock...').
Configured for traps ('set snmp...). 

Symptoms
When 802.1x Authentication fails, a maclock trap (type "etsysMACLockingMACViolation") is issued, reporting an all-zero violating MAC address ("etsysMACLockingLastViolationAddress.68 = 0:0:0:0:0:0"). 

Solution
Upgrade to 6.61 firmware 6.61.11.0006 or higher.
Release notes state, in the 'Changes and Enhancements in 6.61.11.0006' section:
18761   Corrected an issue where etsysMACLockingMACViolation traps could erroneously be generated. 

Optionally for the C5, B5, or A4-Series; upgrade to firmware 6.71.04.0004 or higher.
Release notes state, in the 'Changes and Enhancements in 6.71.04.0004' section:
18761   Corrected an issue where etsysMACLockingMACViolation traps could erroneously be generated
Photo of FAQ User

FAQ User, Official Rep

  • 13,620 Points 10k badge 2x thumb

Posted 5 years ago

  • 0
  • 1

There are no replies.

This conversation is no longer open for comments or replies.