Reset Search
 

 

Article

mac-lockdown-timeout does not work on netlogin ports

« Go Back

Information

 
Titlemac-lockdown-timeout does not work on netlogin ports
Symptoms
When netlogin dot1x is enabled on port with mac-lockdown-timeout enabled the netlogin authenticated mac is not shown in the mac-lockdown-timeout fdb entries
Environment
  • EXOS > 15.7 
  • Netlogin dot1x
  • mac-lockdown-timeout
Cause
The behavior of netlogin is changed in EXOS 15.7.
Authenticated mac addresses are now programmed as static entries and only the netlogin process can age these. Because of this mac-lockdown-timeout is not working as it is only designed for dynamic fdb entries
Resolution
Use mac-lockdown instead of mac-lockdown-timeout if that can work for you

Change the switch to be policy enabled, in policy mode the switch does not change the authenticated mac address to static. 
Additional notes

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255