Several of our WSC3750G48PS stacks consisting of 8 member switches have been upgraded to 12.2(44)SE4 last week.
We use cisco ip-phones with PC's connected to them on almost each access port of the switch.
Port security & auto-qos & dot1x have been activated on every access port of the stack and acl's for vlan filters have also been configured.
We 've experienced twice the same problem after we upgraded the switch stack to 12.2(44) SE4:
several users got their ports in errordisable when they connected their laptops to the lan-port of the ip phone.
The following entries appeared in the log:
Jan 21 08:37:10.285: %PLATFORM_PM-3-HOSTACCESSFAIL: Unable to configure hardware to deny host access on Fa3/0/14. Port may not behave as expected. (D1Z-C3750S-S1-3)
Jan 21 08:37:10.285: %PM-4-ERR_DISABLE: port-mode-failure error detected on Fa3/0/14, putting Fa3/0/14 in err-disable state (D1Z-C3750S-S1-3)
Switch #3 was the stack master in both cases.
I know of bugid CSCsh30966 but it was resolved in 12.2(40). Cisco however does not mention anything about a stack.
I don't see TCAM -related messages in my logging buffer.
Could it be a bug in the image used?
Or could it be that the TCAM has filled completely? Should we activate another SDM-template? The stacks do not route so I assume that the vlan-template is the most appropriate one.
I've read about an "aggregate template" that provides more TCAM space but according to what I've read this template is only available on 3750-12S switches.Is this still true?
Thanks in advance,