Resolved issues for 6200 Switches in AOS-CX 10.06.0220

Category	Bug ID	Description
RADIUS Port-Access	229739	Symptom: RADIUS disconnect requests failed with the error CONTEXT_NOT_REMOVABLE. Scenario: This issue is related to timing, Configure concurrent onboarding enabled and default priority enabled. Thisissue occurs if a user issues a disconnect request for a client after MACauth is successfull, but dot1x authentication is still in-progress. Workaround: Avoid issuing a disconnect request until the highest priority authentication method is completed. Check theoutpt of theshow aaa authentication port-access interface all client-statuscommand to verify the both the auth-methods are complete. Disconnect the request once higher priority methods are complete.
L3 addressing	225356	Symptom: In some rare cases the switch will reboot or crash when a user issues theclear arp vrf ipcommand. Scenario: When theclear arp vrf ipcommand is issued memory can be accessed incorrectly.
OSPFv2	225988	Symptom: A mismatch occurs between the uptime shown in the output ofshow ospfcommands and the BGP state reflected the event log. Scenario: This issue occurs if no OSPF show commands are executed for 49 days or more Workaround: Run any OSPF show command once every 48 days or fewer.
BGP	226220	Symptom: A mismatch between uptime shown byshow bgpcommands and the BGP state is reflected in the event log. Scenario: This issue occurs if no BGP show commands were run for 49 days Workaround: Run any BGP show command once every 48 days or fewer.
基于用户的隧道	228372	Symptom: Customers will see EAP packets (dot1x control plane packets) from a UBT client in controller. This will generate authentication error log in controller. There is no functionality impact. Scenario: Enable both MAC and dot1x authentication on the AOS-CX switch secure port where the UBT client is connected. The UBT client first should be MAC authenticated. Later, the UBT client should trigger dot1x authentication. Workaround: Use either dot1x or MAC authentication for a UBT client, but not both.
Credential Manager	231199	Symptom: A password not applied after after a json config import if the user config contains a user password and an authorized key. Scenario:这个问题时进行guration containing a user account with both a password and an authorized key is applied and the running-config contains a different password for the same user.

RADIUS Port-Access

229739

Symptom: RADIUS disconnect requests failed with the error CONTEXT_NOT_REMOVABLE.

Scenario: This issue is related to timing, Configure concurrent onboarding enabled and default priority enabled. Thisissue occurs if a user issues a disconnect request for a client after MACauth is successfull, but dot1x authentication is still in-progress.

Workaround: Avoid issuing a disconnect request until the highest priority authentication method is completed. Check theoutpt of theshow aaa authentication port-access interface all client-statuscommand to verify the both the auth-methods are complete. Disconnect the request once higher priority methods are complete.

L3 addressing

225356

Symptom: In some rare cases the switch will reboot or crash when a user issues theclear arp vrf ipcommand.

Scenario: When theclear arp vrf ipcommand is issued memory can be accessed incorrectly.

OSPFv2

225988

Symptom: A mismatch occurs between the uptime shown in the output ofshow ospfcommands and the BGP state reflected the event log.

Scenario: This issue occurs if no OSPF show commands are executed for 49 days or more

Workaround: Run any OSPF show command once every 48 days or fewer.

BGP

226220

Symptom: A mismatch between uptime shown byshow bgpcommands and the BGP state is reflected in the event log.

Scenario: This issue occurs if no BGP show commands were run for 49 days

Workaround: Run any BGP show command once every 48 days or fewer.

基于用户的隧道

228372

Symptom: Customers will see EAP packets (dot1x control plane packets) from a UBT client in controller. This will generate authentication error log in controller. There is no functionality impact.

Scenario: Enable both MAC and dot1x authentication on the AOS-CX switch secure port where the UBT client is connected. The UBT client first should be MAC authenticated. Later, the UBT client should trigger dot1x authentication.

Workaround: Use either dot1x or MAC authentication for a UBT client, but not both.

Credential Manager

231199

Symptom: A password not applied after after a json config import if the user config contains a user password and an authorized key.

Scenario:这个问题时进行guration containing a user account with both a password and an authorized key is applied and the running-config contains a different password for the same user.

Resolved issuesfor 6200 Switchesin AOS-CX 10.06.0220