Reset Search
 

 

Article

After upgrading the controller from 8.11.11 to 8.32.10 APs lose POE on Cisco switch

« Go Back

Information

 
TitleAfter upgrading the controller from 8.11.11 to 8.32.10 APs lose POE on Cisco switch
Symptoms
  • After upgrading the controller from 8.11.11 to 8.32.10 APs lose POE
  • Problem seen also on 9.12.02
Environment
  • Identifi wireless controller
  • Firmware 8.32.10 + 9.12.02
  • Cisco 3560
  • Cisco port security enabled with default settings
  • WLAN service has no default topology
  • Invalid role and default action permissive at default setting
  • Errors seen on Cisco:
%PM-4-ERR_DISABLE: psecure-violation error detected on Fa0/45, putting Fa0/45 in err-disable state
%PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address aaaa.bbbb.cccc on port FastEthernet0/45.
Cause
  • Prior to the AP applying the appropriate role some traffic was contained in the untagged vlan, this caused a violation of port security on the wired switch, this violation subsequently caused POE to be withdrawn from the port and the AP to power off.
  • Controller firmware 8.31.01 and higher introduced new features that allowed this type of behavior by default.
Resolution
  1. Disable port security on the wired switch AP ports
-OR-
  1. Deny unauthenticated traffic on the controller
  2. Set invalid role action to an "at controller" topology (route or bridge)
  3. Set default topology on each service to contain to an at controller topology
Additional notes

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255