Workaround None 54037 In some cases the maximum number of supported stations 8k

Workaround none 54037 in some cases the maximum

This preview shows page 19 - 21 out of 58 pages.

Workaround: None. 54037 In some cases, the maximum number of supported stations (8k entries) is being reached on the controller because idle user entries are not being released. Once the controller reaches this stage, some of the new user entries are placed in VLAN1. Workaround: None. 55438 In a dot1x VAP deployment with user derivation involving multiple DHCP-option rules, a number of issues have been identified. After successful dot1x authentication and the client getting placed in the default dot1x role, the dhcp-option user derivation rules (UDRs) take effect. However, the order in which the rules are being checked is out of order and every DHCP discover/request triggers the UDR. Workaround: None. 55867 Clients doing Machine-auth will fall into the default VLAN if an external server is used for VLAN derivation. Workaround: None. 55503 A problem with the auth module’s handling of server derived roles has been identified. Specifically, server role derivation for wired VPN users authenticating against a RADIUS server does not happen. The users are placed in the default VPN role instead of the server derivation role. Workaround: None. Table 26 Remote Access Point Issues and Limitations (Continued) Bug ID Description
Image of page 19
22 | What’s New in this Release ArubaOS | Release Notes Security Table 28 Security Known Issues and Limitations Bug ID Description 55629 RAPs are not able to associate with dot1x clients if the username entry in the local DB has more than 31 characters. Workaround: Change the username to have 31 characters or less. 56932 You cannot add a single netdestination for all multicast addresses using as netmask. The CLI will return will read as an invalid input. For example: (config-test) #network ^ % Invalid input detected at '^' marker. Workaround: None. 54413, 55132 The following error messages appear in the syslog while SNMP is trying to obtain that user’s user entry: snmp_handle_new_user_request:550: Failed to get SOS user entry for SNMP. Workaround: None. 56995, 56996, 56954 An auth crash due to the auth module dereferencing a NULL pointer for the AAA profile has been identified. In this case, auth tries to find the AAA wired profile based on VLAN, port, and failing that, tries to get the default wired port. Workaround: By adding a default wired profile, the NULL reference can be avoided. Note that adding a default aaa wired profile will break mobility. 56588 Per-vlan aaa profiles do not work if station-table entry exists with the same MAC address as a client but with different aaa profile assigned when the client's traffic first hit the controller's untrusted port. Workaround: None. 55023 Split Tunnel ACLs are not hit when an AP-Group (Location) is mapped to the Firewall policy. When a user associates to the RAP (which is connected to a switch) and gets the correct role which has the Split-Tunnel policy that has the AP-Group mapped, if they attempt to ping the switch interface where the AP is terminating, the ping fails and the split-tunnel policy is not invoked.
Image of page 20
Image of page 21

You've reached the end of your free preview.

Want to read all 58 pages?

  • Winter '18
  • mr. j
  • Associated Press, User guide, release notes, ArubaOS

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern

Stuck? We have tutors online 24/7 who can help you get unstuck.
A+ icon
Ask Expert Tutors You can ask You can ask You can ask (will expire )
Answers in as fast as 15 minutes