Reset Search
 

 

Article

Ports change their status to "Force Unauthorized" as a result of intruder threshold exceeded

« Go Back

Information

 
TitlePorts change their status to "Force Unauthorized" as a result of intruder threshold exceeded
Symptoms

Example log entries which could be indicative of the issue:

I 3 2019-02-15 13:27:13 GMT+01:00 30349 EAP: Reached MAC intruder count on Unit: 3 Port: 11
I 3 2019-02-15 13:27:13 GMT+01:00 30350 EAP: Mac Intruder - Unit: 3 Port: 11 MAC: 90:1b:0e:2a:09:61

As a result port 3/11 would change status to “Force Unauthorized”. This can happen for multiple ports, multiple switches. The “intruder” MAC addresses are legitimate – they belong to clients that are connected to the affected ports, and often times these clients are the only endpoints connected there (i.e. a single PC on a port).

Environment
ERS 4800

All supported software releases prior 5.12.4
Cause
Software defect. Upon client MAC address transition from "intruder" to "guest", the intruder count should have been decreased by one.
Resolution
Upgrade to 5.12.4 software release.
Workaround: Remove Guest VLAN configuration from the switch. If a Guest VLAN is necessary - use it as a RADIUS-assigned VLAN.
Additional notes

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255