The OPEN_PORT action does not work with the Symantec LAN Enforcer

Article:TECH183784  |  Created: 2012-03-14  |  Updated: 2012-03-15  |  Article URL http://www.symantec.com/docs/TECH183784
Article Type
Technical Solution


Issue



When using the Symantec Network Access Control (SNAC) product, the OPEN_PORT switch action is not working as expected while the ASSIGN_VLAN action does.

The OPEN_PORT action leaves the switch port in the previous vlan instead of moving the port to the default vlan as expected.

 


Environment



The issue has been observed with certain older IOS versions on the following switches:

  • Cisco Catalyst 4500 series (IOS 12.2 50 SG1)

 


Solution



Upgrading the Cisco IOS to the most recent version (12.2 54 SG1 or later) resolves the issue.

As a workaround the ASSIGN_VLAN action can be used, pointing to the default vlan.

 




Article URL http://www.symantec.com/docs/TECH183784


Terms of use for this information are found in Legal Notices