Open Problem Reports and Feature Exceptions
Authenticated VLANs
Problem Reports
PR 87642
On an OS6800, the CLI command to specifically disable 802.1x or AVLAN authentication on a port will disable either of the authentication options configured on the port.
Workaround: There is no known workaround at this time.
PR 98369
DHCP is not supported with
Workaround: There is no known workaround at this time.
PR 106976
When DHCP Snooping's IP Source Filtering is enabled on the Authenticated VLAN port of an OS6850, the authentication (via Telnet or HTTP) will fail.
Workaround: Cannot enable IP Source Filtering on AVLAN ports, since IP Source Filtering (work as expected) is blocking the IP traffic.
Policy Server Management
Problem Reports
PR 103324
An OS6850 will not change the IP address automatically even if the supplicant client is running that can automatically do the ipconfigure release and renew when dynamically changing classification policy when an IP net rule is configured. Depending on what traffic is running, some packets may satisfy the IP net rule and the supplicant will be classified according to the IP net rule.
Workaround: User has to be aware that when the IP net rule is configured and when dynamically chang- ing the classification policy that as group mobility as one of the classification option, traffic from suppli- cant may still have the old IP address on the vlan that the supplicant was classified before the policy is changed. The IP net rule will cause the client to be learned on the vlan that it was previously learned on. E.g. supplicant is learned on vlan x and has an IP address with vlan x's subnet. There is also an IP net rule for vlan x's IP to be classified on vlan x. When user dynamically changes the classification policy, the supplicant may still be learned on vlan x because the PC has traffic coming out with VLAN x's subnet and thus device classification task will classify the supplicant on VLAN x again.
OmniSwitch | page 77 |