This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.
We had 802.1x/MAB running fine at a site with Cisco 3750 switches. We then upgraded to Cisco 3850 switches. Now we find that a number of Avaya IP phones get stuck saying "Discover xxx.xxx.xxx.xxx" and when you do a "sh auth session int gi x/y" it shows the "D" flag and it says "Blocked On: Pending Deletion".
Has anyone come across this before?
Thank you in advance!
The XE code has been very problematic, there is a chance that you are running into a bug. If there isn't a particular feature that you are after in v3.6.1 then I would recommend that you go to v3.3.5 and see if that resolves your issue.
Thank you for rating helpful posts!
Sorry to hear that you had major issues Joe. Do you mind sharing with us:
- The issue that you had
- Bug ID (If applicable)
- The vendor that you are planning on switching to
the 3850 runs ip device tracking by default, even on a layer2 switch and no matter what we did (tac had us do alot) our windows 7 machines had IP CONFLICTS upon plugging in - even though nothing else had those ip's for sure.
so the 3850 ip device tracking feature causes more harm that its worth.
we are going with HP Procurve or Arista
Ugh, I think you might have hit the same issue that I did with a deployment that I have done in the past, except in my case I was dealing with Cisco 4500-X that also runs the XE code. The "IP Device Tracking" is disabled by default on Catalyst IOS but enabled by default on IOS XE. The command is needed (even for layer 2 switches) if you plan on deploying dot1x with DACLs.
I have worked with both Arista and HP (Actually 3com) in the past. Arista had some very nice and fast switches while HP had nothing that really impressed me. To be fair, I have ran into issues/bugs with both manufacturers :) So just keep in mind that nobody will be perfect out there :)
Btw, I still believe that Cisco's TAC and communities, such as this is what sets Cisco apart from the rest of the competition.