Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1231
Views
0
Helpful
6
Replies

%LINK-W-PORT_SUSPENDED: Port fi2/0/42 suspended by acl-deny

henrihoffmann
Level 1
Level 1

‎05-09-2023 12:53 AM

Hi,

have trouble with an CBS350 stack and some WLAN APs.

According to the log, the port fi2/0/42 was "suspended by acl-deny".

Two questions:

- Why did the firmware suspend the port, even where are no errors logged?

- Why did the firmware suspend the port, even "acl-deny Disable"?

Is there any way to understand, how this think works?

Thanks a lot

Henri

sh ver
Active-image: flash://system/images/image_cbs_ros_3.2.1.1_release_cisco_signed.bin
Version: 3.2.1.1
MD5 Digest: 937212ebf51de43330b6f7967a7445ae
Date: 13-Feb-2023
Time: 01:12:59

switch3#sh errdisable rec

Timer interval: 300 Seconds


Reason Automatic Recovery
---------------------- ------------------
loopback_detection Enable
port-security Disable
dot1x-src-address Disable
acl-deny Disable
stp-bpdu-guard Disable
stp-loopback-guard Disable
udld Enable
storm-control Enable
link-flapping Enable

untitled text 94:97: 09-May-2023 10:16:13 :%SEC-I-PORTAUTHORIZED: Port fi2/0/42 is Authorized
untitled text 94:99: 09-May-2023 10:15:48 :%STP-W-PORTSTATUS: fi2/0/42: STP status Forwarding
untitled text 94:107: 09-May-2023 10:15:43 :%SEC-W-PORTUNAUTHORIZED: Port fi2/0/42 is unAuthorized
untitled text 94:109: 09-May-2023 10:15:43 :%LINK-I-Up: fi2/0/42
untitled text 94:343: 08-May-2023 11:00:56 :%LINK-W-Down: fi2/0/42
untitled text 94:345: 08-May-2023 11:00:56 :%LINK-W-PORT_SUSPENDED: Port fi2/0/42 suspended by acl-deny
untitled text 94:517: 07-May-2023 13:39:24 :%STP-W-PORTSTATUS: fi2/0/42: STP status Forwarding
untitled text 94:519: 07-May-2023 13:39:20 :%LINK-I-Up: fi2/0/42
untitled text 94:521: 07-May-2023 13:39:14 :%LINK-W-Down: fi2/0/42
untitled text 94:523: 07-May-2023 13:39:10 :%LINK-I-Up: fi2/0/42
untitled text 94:525: 07-May-2023 13:39:08 :%LINK-W-Down: fi2/0/42
untitled text 94:527: 07-May-2023 13:39:05 :%LINK-I-Up: fi2/0/42
untitled text 94:529: 07-May-2023 13:39:00 :%LINK-W-Down: fi2/0/42
untitled text 94:605: 07-May-2023 03:21:25 :%SEC-I-PORTAUTHORIZED: Port fi2/0/42 is Authorized
untitled text 94:625: 07-May-2023 03:21:17 :%STP-W-PORTSTATUS: fi2/0/42: STP status Forwarding
untitled text 94:644: 07-May-2023 03:21:08 :%SEC-W-PORTUNAUTHORIZED: Port fi2/0/42 is unAuthorized
untitled text 94:646: 07-May-2023 03:21:08 :%LINK-I-Up: fi2/0/42
untitled text 94:775: 07-May-2023 03:20:49 :%LINK-W-Down: fi2/0/42
untitled text 94:938: 07-May-2023 03:18:25 :%LINK-W-Not Present: fi2/0/42
untitled text 94:1390: 05-May-2023 00:22:28 :%STP-W-PORTSTATUS: fi2/0/42: STP status Forwarding

 

switch3#sh int count fi2/0/42

Port InUcastPkts InMcastPkts InBcastPkts InOctets
---------------- ------------ ------------ ------------ ------------
fi2/0/42 157428 62077 2607 50388306

Port OutUcastPkts OutMcastPkts OutBcastPkts OutOctets
---------------- ------------ ------------ ------------ ------------
fi2/0/42 716392 6149710 2691263 1430934600

FCS Errors: 0
Single Collision Frames: 0
Multiple Collision Frames: 0
SQE Test Errors: 0
Deferred Transmissions: 0
Late Collisions: 0
Excessive Collisions: 0
Carrier Sense Errors: 0
Oversize Packets: 0
Internal MAC Rx Errors: 0
Symbol Errors: 0
Received Pause Frames: 0
Transmitted Pause Frames: 0

Labels:
0 Helpful
6 Replies 6

marce1000
VIP
VIP

‎05-09-2023 01:51 AM

 

           - FYIhttps://bst.cloudapps.cisco.com/bugsearch/bug/CSCvf88738

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
0 Helpful

henrihoffmann
Level 1
Level 1
In response to marce1000

‎05-09-2023 03:40 AM

Hi Marce,

thanks, but ...

Conditions: unbind the ACL from port under traffic, and the ACL includes a deny ACE with an "disable-port" option.

Have here no ACLs defined.

Thanks again

Henri

0 Helpful

marce1000
VIP
VIP
In response to henrihoffmann

‎05-09-2023 03:53 AM

 

  - Try using the latest firmware for the CBS350 (stack)   : check if that can help

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
0 Helpful

henrihoffmann
Level 1
Level 1
In response to marce1000

‎05-14-2023 10:02 AM

Hi Marce,

did not help.

Henri

Active-image: flash://system/images/image_cbs_ros_3.3.0.16_release_cisco_signed.bin
Version: 3.3.0.16
MD5 Digest: 7decdf94fd5999afb7b07509896c693b
Date: 23-Mar-2023
Time: 11:37:54

 

 

14-May-2023 00:19:34 :%LINK-W-Down: fi2/0/42
14-May-2023 00:19:32 :%LINK-W-PORT_SUSPENDED: Port fi2/0/42 suspended by acl-deny

 

0 Helpful

henrihoffmann
Level 1
Level 1
In response to henrihoffmann

‎06-27-2023 05:59 AM

It happens again and again....

2023-Jun-27 07:00:19

%LINK-W-PORT_SUSPENDED: Port fi2/0/44 suspended by acl-deny

 

0 Helpful

henrihoffmann
Level 1
Level 1
In response to henrihoffmann

‎07-04-2023 12:35 AM

Screenshot 2023-07-04 at 09.33.32.png

0 Helpful
Customers Also Viewed These Support Documents