Open Problem Reports and Feature Exceptions

Authenticated VLANs

Problem Reports

PR 87642

On an OS6800, the CLI command to specifically disable 802.1x or AVLAN authentication on a port will disable either of the authentication options configured on the port.

Workaround: There is no known workaround at this time.

PR 98369

DHCP is not supported with port-binding AVLANs on OS6800/OS6850. When DHCP packets are used to trigger the port binding rules, none of the rules work.

Workaround: There is no known workaround at this time.

PR 106976

When DHCP Snooping's IP Source Filtering is enabled on the Authenticated VLAN port of an OS6850, the authentication (via Telnet or HTTP) will fail.

Workaround: Cannot enable IP Source Filtering on AVLAN ports, since IP Source Filtering (work as expected) is blocking the IP traffic.

Policy Server Management

Problem Reports

PR 103324

An OS6850 will not change the IP address automatically even if the supplicant client is running that can automatically do the ipconfigure release and renew when dynamically changing classification policy when an IP net rule is configured. Depending on what traffic is running, some packets may satisfy the IP net rule and the supplicant will be classified according to the IP net rule.

Workaround: User has to be aware that when the IP net rule is configured and when dynamically chang- ing the classification policy that as group mobility as one of the classification option, traffic from suppli- cant may still have the old IP address on the vlan that the supplicant was classified before the policy is changed. The IP net rule will cause the client to be learned on the vlan that it was previously learned on. E.g. supplicant is learned on vlan x and has an IP address with vlan x's subnet. There is also an IP net rule for vlan x's IP to be classified on vlan x. When user dynamically changes the classification policy, the supplicant may still be learned on vlan x because the PC has traffic coming out with VLAN x's subnet and thus device classification task will classify the supplicant on VLAN x again.

OmniSwitch 6800/6850/9000—Release 6.1.3.R01

page 77

Page 77
Image 77
Alcatel-Lucent 6850, 9000, 6800 user manual Authenticated VLANs, Policy Server Management