Table 4 Resolved Caveats in Version 8.1(2)
Caveat ID
|
Description
|
CSCsg69408
|
Need warning when using time based ACLs with policy NAT/PAT
|
CSCsg75094
|
LDAP: ASA cannot authenticate to Active Directory using MD5
|
CSCsh91747
|
SSL VPN stress cause SSL lib error. Function: DO_SSL3_WRITE
|
CSCsi06469
|
Inactivating then reactivating nat 0 multiple access-lists breaks nat 0
|
CSCsi79159
|
admin connections to PIX with crypto card via management-access fail
|
CSCsj05862
|
Traceback in Thread Name: radius_snd
|
CSCsj25896
|
Crypto Accelerator Memory Leak
|
CSCsk08454
|
ASA 8.0 fails to send TACACS request over L2L tunnel
|
CSCsk27107
|
ldap CRL retrieval fails - ldap-default not used
|
CSCsk42595
|
ASA:: 2 Factor Authentication with Password-Management Fails for SSL VPN
|
CSCsk47949
|
ASDM hangs at 47% if packet losses on the network
|
CSCsk48355
|
ISAKMP SA stuck in AM_WAIT_DELETE after ASA upgrade
|
CSCsk50583
|
IPV6: Anyconnect does not work when using ipv6 with vlans.
|
CSCsk59189
|
Top N data sent to ASDM is incorrect when ACE changes
|
CSCsk63633
|
WebVPN: ERROR: Invalid tunnel group name <certs> during replication
|
CSCsk87951
|
Group URL not working as expected with AnyConnect
|
CSCsk89022
|
ASA traceback while removing dhcpd configuration.
|
CSCsk96804
|
Traceback in Thread Name: Dispatch Unit with inspect h323
|
CSCsk97830
|
Traceback in thread name Dispatch Unit .
|
CSCsl02630
|
WebVPN: Traceback in Thread Name: emweb/https
|
CSCsl10052
|
new L2TP sessions are denied after %ASA-4-403103 is seen in the logs
|
CSCsl10066
|
ASDM states ASDM is temporarily unable to contact the firewall
|
CSCsl32785
|
Traceback in Thread Name: pix_flash_config_thread
|
CSCsl34791
|
WebVPN: Traceback in Thread Name: Dispatch Unit
|
CSCsl43246
|
L2TP with EAP authentication In use List count session slowly leaking
|
CSCsl51292
|
IPSEC VPN tunnel on 8.0.3 fails every couple days
|
CSCsl51797
|
ASA traceback in AAA thread
|
CSCsl52895
|
ASA 7.2.3 number of IPSec SA not replicated in failover unit
|
CSCsl57533
|
"setting privilege for capture does not affect ""no capture"""
|
CSCsl59247
|
Unable to request CRL for trustpoint with only ID certificate
|
CSCsl66538
|
"ASA ""hardware accelerator encountered an error (Invalid PKCS Type)"""
|
CSCsl79211
|
Traceback: AAA task overflow when object-group acls and virtual telnet
|
CSCsl82200
|
IPSec not encrypting after failover.
|
CSCsl84204
|
Xlate timers for RTP/RTCP on standby unit aren't synched with active
|
CSCsl94183
|
ASA- Clientless webvpn 'error contacting host' accessing CIFS shares
|
CSCsl95244
|
Traceback in Dispatch Unit caused by rapid connection successions
|
CSCsl95286
|
Control-plane feature not working for https traffic to-the-box
|
CSCsl95856
|
DHCP learned default route not in route table if other DHCP interfaces
|
CSCsl96219
|
SIP: Failure to associate re-invites to the original SIP session
|
CSCsl96502
|
SIP: sess is not kept around for ACK in response to non2xx final RESP
|
CSCsl99322
|
Traceback at ids_put in Thread Name: Dispatch Unit
|
CSCsm01524
|
"Outlook, Outlook express email proxy functionality broken in 8.0.2"
|
CSCsm02280
|
Status says registering but device does not send Register packets
|
CSCsm02939
|
Memory leak while processing SSL transactions
|
CSCsm05055
|
Traceback seen when 'established udp 0 0' command is enabled
|
CSCsm09584
|
EAP l2tp authentication fails if mschapv2 is configured on the same TG
|
CSCsm10353
|
AnyConnect password that contains brackets <> will fail authentication
|
CSCsm14283
|
"ICMP (type 3, code 4) packet not returned from PPPoE interface"
|
CSCsm20204
|
Extended ping command with no ip specified causes stuck thread
|
CSCsm21493
|
SSLVPN : 'vlan' restriction in a group-policy propagated to all policies
|
CSCsm22002
|
Traceback in qos/qos_rate_limiter while processing pakt with TCP flow
|
CSCsm22781
|
PIX/ASA: RPF(reverse path forwarding)chk fails when PMTUD packet is sent
|
CSCsm25189
|
Inconsistent behavior for different kind of SIP packets
|
CSCsm26841
|
Watchdog failure: TLS fragmented client hello message.allocb+185
|
CSCsm30926
|
ASA: Traceback with high voice traffic and voice inspection
|
CSCsm32507
|
External group policy authentication failure with password-management
|
CSCsm32904
|
Login fails when CRL not cached
|
CSCsm36660
|
DHCP Server: Must send DHCP decline if DHCP proposes in-use address
|
CSCsm36857
|
External group-policy via Radius can cause duplicate IP assignment
|
CSCsm37151
|
skinny inspection blocking pinhole w/ high skinny load on rsvp agent
|
CSCsm39241
|
PIX/ASA: Traceback in Thread Name: netfs_thread_init
|
CSCsm39781
|
ASA High CPU under certain configuration conditions
|
CSCsm39805
|
Unable to configure http access in order to manage ASDM
|
CSCsm40251
|
ASDM falsely shows interface status as down/down
|
CSCsm41986
|
Need to handle fragmented IP packets with 8-byte first frag
|
CSCsm44988
|
ASA does not send authentication request to http-form aaa-server
|
CSCsm45722
|
SIP:Caller's RTP/RTCP timeout should set to sip_invite
|
CSCsm46182
|
DHCP Client: Device's DHCP client does not renew when lease expires
|
CSCsm46248
|
ASA traceback in netfs thread unit
|
CSCsm46880
|
Aware HTTP Server: memory leak
|
CSCsm47185
|
traceback when an interface configured for IPV6 changes to link up state
|
CSCsm48386
|
ASA with local command authorization not able to download conf from AUS
|
CSCsm49741
|
Clientless SSl VPN: Max session timeout popup not displayed
|
CSCsm50135
|
Memory leakage caused by catcher_recv_packet_have_sa
|
CSCsm50494
|
Device is not able to process CRL with extension CRL number > 65535
|
CSCsm50856
|
L2L: Phase 2 SA fails when both sides try to initiate at the same time.
|
CSCsm51093
|
Cannot establish WebVPN session to ASA-5550 - memory allocation error
|
CSCsm51459
|
GTP: IMSI prefixing doesn't work with 2 digit MNC
|
CSCsm55261
|
Cannot establish WebVPN session to ASA-5510 - memory allocation error
|
CSCsm55447
|
ASA/WebVPN Citrix sessions randomly dropped
|
CSCsm55947
|
"Failover interface is not listed in ""ifTable"" MIB"
|
CSCsm56957
|
Traceback occurs in Dispatch Unit with QoS
|
CSCsm57803
|
DAP: network filter is deleted for all clients upon disconnect of user
|
CSCsm57920
|
H323: inspection on video call may cause traceback within 5 min
|
CSCsm59304
|
SIP: INVITE not passing after failover
|
CSCsm60846
|
DAP: Tunnel Group attribute is not populated with Cert Authentication
|
CSCsm61494
|
"SIP: Inspection may open unknown port ""50195"""
|
CSCsm61775
|
SIP: Unnecessary xlate created after a voice device hands over
|
CSCsm62080
|
ASA 8.0 webvpn corrupts radius request when using domain
|
CSCsm62831
|
SIP: Unneeded half-open xlate entry is generated
|
CSCsm63108
|
2048 blocks depleted with swebsense url-filtering enabled
|
CSCsm64838
|
Traceback occurs in Dispatch Unit with 7.2.3.15 and L2TP/PPP
|
CSCsm65019
|
Websense encryption is not supported error on ASA
|
CSCsm66887
|
Nas-Port attribute differs for authentication/accounting for l2tp/ipsec
|
CSCsm66982
|
PIX/ASA: L2TP session should not establish when authorization fails
|
CSCsm68097
|
SSH resource exhausted preventing further sessions
|
CSCsm69116
|
L-L tunnels still failing upon IP addr change on peer.
|
CSCsm70077
|
SIP:Local/Local connection entry is created
|
CSCsm70101
|
Unable to apply priority command in policy map while configuring QOS-ASA
|
CSCsm70246
|
"SIP: Duplicate ""mi"" connections when receiving REINVITE"
|
CSCsm71691
|
Plug-in client fails when the Citrix farm is set with heightened encrypt
|
CSCsm71772
|
Memory leak in 141824 size block when using cut-through authentication
|
CSCsm73565
|
Traceback in Thread Name Dispatch Unit during network scan
|
CSCsm73574
|
ASA 5505 asserts when configuration is cleared
|
CSCsm73654
|
Syslog 111111 appears when both active/standby units reload at once
|
CSCsm75212
|
Traceback in Thread Name: IKE Daemon (Old pc 0x0050a493 ebp 0x0346e)
|
CSCsm77958
|
ASA may crash while processing PPPoE and SSL VPN transactions
|
CSCsm80984
|
show version: command displays incorrect value for total RAM
|
CSCsm81609
|
ASDM: users go to portal page instead of SVC starting automatically
|
CSCsm82753
|
Phase 2 fails if PFS is required. - ASA -IOS l2tp IPSEC
|
CSCsm82803
|
webvpn load balancing presents wrong certificate after reboot
|
CSCsm82887
|
FO: IPSec RA session not replicated if addr pool defined in group policy
|
CSCsm82893
|
Existing Local CA Users are deleted when modifying User Database
|
CSCsm83007
|
WebVPN: Message body is blank when sent w/ Firefox via Lotus iNotes Web
|
CSCsm83098
|
SIP:Fails to create m connection when ACK to 407 is lost
|
CSCsm83636
|
CPU hog during config sync
|
CSCsm84110
|
ASA may traceback with malformed TCP packets
|
CSCsm85736
|
shutdown interface e0/6 triggers interface e0/0 shutdown on ASA5505
|
CSCsm85872
|
snmp trap for PHYSICAL interface is not sent when a port goes down.
|
CSCsm86188
|
ASA 5580: Management interface causes packet loss in transparent mode
|
CSCsm86644
|
sunrpc tcp inspect fragment reassembly fails in certain cases.
|
CSCsm87035
|
DHCP Relay: offer msg is not egressing to ASA interface going to another
|
CSCsm87351
|
simultaneous accounting - the request are not forwarded to FAILED serve
|
CSCsm87892
|
ASA 5505 Interface Hangs
|
CSCsm88116
|
SIP:Failure to update to-tag when no-2xx response is received
|
CSCsm90239
|
ASA traceback in Unicorn Admin Handler Thread
|
CSCsm90267
|
SIP: media pinholes not opened when callers SDP is sent in ACK
|
CSCsm91261
|
Traceback seen in 'ssh' thread
|
CSCsm92266
|
Traceback may occur when AAA command authorization is enabled
|
CSCsm92275
|
SQL inspection rewrites IP addresses embeded in SQL data
|
CSCsm92423
|
Memory leak found in DTLS
|
CSCsm92613
|
ASP drop capture missing type for vpn-handle-error
|
CSCsm93071
|
5505: 'no buffer' and 'input error' not correct on InternalData0/0
|
CSCsm93115
|
Memory leak in DMA free crypto memory 8.0.3.6
|
CSCsm95566
|
EIGRP: Does not send ALL redistributed static routes to peer devices
|
CSCsm95593
|
Accounting-start sent before access-request for L2TP VPN
|
CSCso00670
|
Move ssl debug commands from menu to real CLI
|
CSCso01090
|
ASA5505:copy config from disk0:/ to running-config makes int e0/0 down
|
CSCso03100
|
SSL cache entries timing out prematurely
|
CSCso03582
|
Overrun counter increments when REINVITE is recevied
|
CSCso03722
|
L2TP/IPSec session increases MIB active user statistics
|
CSCso05327
|
Cert from 3k imported into ASA causes Hardware error on use
|
CSCso05797
|
ASA stops accepting L2TP/IPSec connections with rsa-sig
|
CSCso06690
|
ASA 8.0.3.2 memory leak in 0x089a27a5 <cifs_browse_server_sync+1349>
|
CSCso07025
|
Memory is leaked whenever directory is opened.
|
CSCso08335
|
ISAKMP: Add syslog when Aggressive mode aborted when Spoof Protection
|
CSCso08954
|
Traceback in Unicorn Proxy Thread (Old pc 0x08acb2dc <fiber_yield+92> )
|
CSCso10078
|
Traceback occurs when wr mem command is entered
|
CSCso10129
|
PIX puts user in unusable prompt when webvpn attributes command is used
|
CSCso10876
|
ASA Completes SSL Handshake With Non-Authorized HTTPS Clients
|
CSCso15583
|
Traceback when many remote peers try to establish ipsec L2L tunnels
|
CSCso17518
|
Traceback with 200+ ldap group memberships and radius accounting
|
CSCso17578
|
VPNLB: WebVPN client cannot connect to VPN load-balancing cluster
|
CSCso17900
|
DFP may not background free due to memory calculation
|
CSCso17920
|
SIP media connection cannot be created more than 13 when PBX is used
|
CSCso18045
|
PKI: session opening checks client-types instead of id-usage setting
|
CSCso18239
|
Certificate authentication failing because of the certificate size
|
CSCso18757
|
SNMP crasSessionTable Remote Access MIB returns some incorrect entries
|
CSCso20009
|
ASA DHCP proxy not working for L2TP connections
|
CSCso21019
|
SNMP crasSessionTable Remote Access MIB incorrect EncryptionAlgo
|
CSCso21063
|
l2tp/ipsec client on IOS - tunnel does not go up when behind nat
|
CSCso22981
|
Traceback in Thread Dispatch unit related to IM inspection
|
CSCso24103
|
Delivering shape average command through https failed
|
CSCso24494
|
PIX/ASA: DHCP server fails to respond to Vista DHCPINFORM request
|
CSCso26240
|
Not able to configure redundant subinterfaces in multicontext
|
CSCso31622
|
"WebACLs ""log disable"" changes ACE to ""log informational internal 300"""
|
CSCso33343
|
5505: CPU usage averages 60+% on idle device
|
CSCso33791
|
VPNC: Erroneous Tunnel Rejected Syslog when connecting
|
CSCso33873
|
L2TP/IPsec connection cannot pass data
|
CSCso35351
|
Traceback in Thread Name: vpnfol_thread_msg with show run
|
CSCso35664
|
http server leaks AWARE contexts
|
CSCso36070
|
Value returned by sysServices MIB is incorrect
|
CSCso37056
|
Memory leak when generating Diffie-Hellman keys.
|
CSCso38699
|
CPU Hog when replicating config to standby unit
|
CSCso38702
|
IPSec Pass-through breaks after enabling RA VPN on ASA
|
CSCso40008
|
PIX is sending DN during rekey instead of FQDN
|
CSCso40159
|
Ports used by static PAT configurations are not removed from PAT pool
|
CSCso40520
|
re-INVITE is dropped when it's exceeded 119ch after establishing 400ch
|
CSCso41122
|
WebVPN Citrix connection should disable idle timeout and Nagle
|
CSCso42643
|
WebFO: WebVPN sessions not replicated until after FO forced
|
CSCso42664
|
"cifs://Macro#1:Password_Macro#2@server url, Macro#2 not substituted"
|
CSCso43026
|
Traceback in Thread Name: Dispatch Unit (Old pc 0x00223a67 ebp 0x018b
|
CSCso43383
|
SIP:media xlate idle timer is not refreshed when receiving 200ok
|
CSCso43850
|
enhance redun ifc as failover ifc to handle comm failure after reload
|
CSCso46028
|
ASA 8.0 CLI : Unable to edit http-form server
|
CSCso48906
|
DAP User Message not displayed for DfltAccessPolicy
|
CSCso50226
|
PIX/ASA does not send invalid SPI notification for non-existent IPSEC sa
|
CSCso50272
|
PIX/ASA:'vpn-simultaneous-logins 1' prev session disc reason not correct
|
CSCso51034
|
Disconnect redundant interface active member cable stops traffic
|
CSCso51223
|
Traceback in Thread Name: logger_save
|
CSCso51544
|
ASA overwirtes default config when rate-interval is set to 600
|
CSCso52787
|
AAA: Radius accounting for mail-proxy SMTPS POP3S fails
|
CSCso53162
|
Traceback in DTLS with TLS fragment handling
|
CSCso55494
|
Traceback in PPP callback from AAA thread
|
CSCso58409
|
'vpn-sessiondb logoff all' does not logoff embryonic sessions
|
CSCso58622
|
"IPv6: IP services are reachable from the ""far side of the box"""
|
CSCso60533
|
Non-existing hosts counted towards the license on ASA 5505
|
CSCso60605
|
ISAKMP : ASA installs permit rule with the interface network mask
|
CSCso61549
|
Performance Monitor doesn't show all ASAs in the Load Balancing Cluster
|
CSCso62906
|
ASA traceback when running show pim tunnel <interface> command
|
CSCso62916
|
allocate interface command fails to execute intermittantly.
|
CSCso63159
|
Traceback in fover_thread while testing licensing regression scripts
|
CSCso63371
|
Panic: Dispatch Unit - Fmsg_free() - non null next on MMP traffic
|
CSCso64731
|
security-association lifetime cannot be removed with no crypto map ...
|
CSCso65837
|
write mem from HTTPS adds no monitor-interface CLIs to startup config
|
CSCso66472
|
Crypto memory leak causing Clientless SSL VPNs to hang
|
CSCso66807
|
Sometimes Group field is missing in UI when connecting using AnyConnect
|
CSCso68547
|
PIX/ASA HTTP inspection: Multiple content-length headers issue
|
CSCso69942
|
Traceback in Remote Access Authentication Code
|
CSCso73918
|
WebVPN: Standby Traceback in Thread Name: vpnfol_thread_sync
|
CSCso76162
|
Traceback in Dispatch Unit possibly with tcp proxy
|
CSCso76164
|
Traceback in Dispatch Unit with SSLVPN connection
|
CSCso79412
|
traceback in dispatch thread/occam during CUMA testing
|
CSCso79675
|
After CSD Host scan AAA doesn't execute on ASA 8.0.3.11 with group-url
|
CSCso79906
|
TCP reset sent for AnyConnect session
|
CSCso81153
|
Traceback in dispatch unit with MGCP inspection
|
CSCso82264
|
ICMP inspection may drop ICMP error packets
|
CSCso83246
|
Traceback seen while connecting via asdm running on osx platform.
|
CSCso84215
|
"High CPU by using ASDM with ""log asdm info"" configured"
|
CSCso84996
|
ASA truncates CN field at 11 characters if CN contains '@' (W2K CA)
|
CSCso85005
|
WebVPN: No disconnection due to idle timeout when using OWA with IE6
|
CSCso85369
|
CSD: DfltCustomization loaded if pre-login check enabled
|
CSCso85433
|
VPNLB: does't work when using non-default webvpn port 8.0
|
CSCso85452
|
h323 messages on console; performance degrade
|
CSCso85492
|
http redirect doesn't redirect to configured webvpn port if not 443
|
CSCso85547
|
ipAdEntIFIndex MIB value not sent at failover interface
|
CSCso87435
|
NAT-T not working when client source port not 4500 with ACL match
|
CSCso88533
|
Traceback attempting federation from LCS to CUP
|
CSCso89246
|
PP: media termination ifc doesnt come up on 5505 with base license
|
CSCso90892
|
RDP client with MAC OS using Firefox and safari fails to open
|
CSCso91010
|
ASA doesn't send RootCA cert in chain
|
CSCso91051
|
WebVPN: Broken logic with Passcode caption in the portal
|
CSCso91190
|
Traceback while deleting static NAT configuration
|
CSCso91658
|
IP tos byte for skinny/ sip packet is lost if inspection is configured
|
CSCso93088
|
Fragmented multicast traffic gets repeated and corrupted
|
CSCso93969
|
ASA mangling errors with certain webpages
|
CSCso94098
|
"SIP:""o=""address in SDP is not translated when ""c="" is in all media desc."
|
CSCso94668
|
2048 bytes block memory leak
|
CSCso95135
|
Zero-downtime upgrade from 7.2 not possible anymore after 8.0.3.10
|
CSCso97405
|
ASA should allow configurable MSS or use from MTU for to-the-box traffic
|
CSCsq00551
|
" CSD: It will show ""please wait..."" instead of providing the logon page"
|
CSCsq01754
|
SYSOPT CONNECTION RECLASSIFY-VPN command doesn't work
|
CSCsq02543
|
Inspect waas under several applied policy causing memory leak
|
CSCsq03137
|
Traceback at thread emweb/https
|
CSCsq03893
|
Segmented HTTP GET request are not parsed by Filtering and HTTP inspect
|
CSCsq04082
|
LDAP AAA server with null hostname causes traceback
|
CSCsq06129
|
PIX/ASA: Standby unit may reboot without recording a crash file
|
CSCsq07395
|
Adding shaping service-policy fails if policy-map has been edited
|
CSCsq08550
|
Traffic shaping with priority queueing causes traffic failure on ASA
|
CSCsq08990
|
PIX/ASA certificate authorization fails if UPN is not last attr in SAN
|
CSCsq09925
|
Assertion failure in thread name vpnfol_thread_msg and nested page fault
|
CSCsq10581
|
ASA5580 traceback when using ASDM
|
CSCsq11691
|
Traceback occurs in Dispatch Unit with 7.2.3.19 and L2TP/PPP
|
CSCsq11726
|
Traceback in PPP callback from AAA thread (UPAP/PAP)
|
CSCsq12934
|
"Auth proxy fails w/ ""too many pending auths"" in syslog"
|
CSCsq13321
|
Standby Failover unit traceback in Thread Name: vpnfol_thread_msg
|
CSCsq14358
|
ASA: traceback in Thread Name: netfs_thread_init
|
CSCsq17879
|
Memory leaks while parsing subject alternate name (SAN) from a cert
|
CSCsq18133
|
Standalone AnyConnect prompts for user/pass instead of user cert
|
CSCsq19369
|
URI Processing Error in Clientless SSL VPN connections
|
CSCsq20042
|
'vpnclient enable' breaks 'aaa mac-exempt match'
|
CSCsq22716
|
Threat Detection - incorrectly classifying drops as scanning threat
|
CSCsq24213
|
ASA HEAP memory leak in ldap_client_root_dse_get
|
CSCsq24468
|
PIX/ASA ipsec start/stop trap is sent by standby unit
|
CSCsq24915
|
ASA traceback in thread name netfs_thread_init
|
CSCsq27110
|
Remove asdm location and group commands from startup config
|
CSCsq27132
|
Top 10 Access Rules show multiple lines for same ACL
|
CSCsq27193
|
ASA HEAP memory leak in webvpn_ParseURL
|
CSCsq29263
|
Case Sensitivity of Issuer check for certificates on ASA
|
CSCsq30162
|
TCP proxy needs global timeout for reassembled packets
|
CSCsq31279
|
New IPSec SA deleted after rcving P2 DEL for old SA from MS L2TP/IPSec
|
CSCsq31399
|
Traceback in Thread Name: vpnfol_thread_msg when doing write standby
|
CSCsq33551
|
SIP/ACK session remains if ASA receives ACK as the 1st packet
|
CSCsq34316
|
idle ssl vpn conns do not timeout
|
CSCsq35987
|
"ASA 7.2/8.0: ""dhcpd auto_config"" breaks L2TP split-tunneling on Win XP"
|
CSCsq36847
|
WebVPN: HTML editor shows a blank page
|
CSCsq37050
|
PPPoE causing routing change on identity interface
|
CSCsq37647
|
Overrun/Underrun/NoBuffer cntrs are incremented when sip-invite timeout
|
CSCsq39905
|
Traceback in IPsec message handler
|
CSCsq40755
|
CSD: WebVPN users get stuck in login loop when CSD enabled
|
CSCsq40777
|
ASA traceback when AIP module is reloaded
|
CSCsq42302
|
With very small probability legitimate cmd is rejected by ASA
|
CSCsq43878
|
multi mode A/A failover write standby will see crypto CLI error in stby
|
CSCsq44735
|
"ASA: redudant failover interface is failed, but ping works"
|
CSCsq44802
|
ASA EzVPN server preserves static RRI routes when interface is shut down
|
CSCsq44918
|
Traceback in vpnfol_thread_timer (Address not mapped)
|
CSCsq45636
|
Potential Information Disclosure in Clientless SSL VPNs
|
CSCsq46071
|
ASA 8.0: Should escape special characters in WebVPN Macro substitution
|
CSCsq46120
|
Traceback in PPP AAA callback routines when DFP is enabled
|
CSCsq46179
|
Longer timer needed for eToken credential entry.
|
CSCsq46425
|
Traceback in Dispatch Unit (Page Fault)
|
CSCsq47894
|
POP3s email proxy stuck with zero window to POP3 server during mail read
|
CSCsq50310
|
Management intf forward BPDU to the layer 2 FW
|
CSCsq50448
|
Traceback in Thread Name: netfs_thread_init
|
CSCsq50471
|
Traceback in Thread Name: Unicorn Proxy Thread
|
CSCsq50494
|
PIX/ASA: NAT-T Keepalive should not generate UDP request discarded msg
|
CSCsq51210
|
TCP/TLS segments from CUP dropped
|
CSCsq53954
|
RRI route not removed if more specific dynamic route for same net exists
|
CSCsq54870
|
WebVPN: ASA reloads when accessing CIFS share
|
CSCsq55969
|
show parser dump all causes Traceback in ci/console
|
CSCsq57163
|
SNMP ifSpeed incorrect for internal/data interfaces
|
CSCsq57465
|
Snmpwalk returns 0 counters for inside & outside interface
|
CSCsq58887
|
WebVPN: Smart Tunnels on Mac is failing to load page
|
CSCsq59163
|
WebVPN: CIFS Browse Networks icon not removed when browsing is disabled
|
CSCsq59967
|
SSL VPN: incorrect handling of cookie expiration date
|
CSCsq60414
|
ASA fails to update mac address table after failover
|
CSCsq60646
|
SSL VPN: Incorrect handling of HTTP in META HTTP-EQUIV
|
CSCsq61406
|
ASA 8.0.3 traceback on compac flash insert
|
CSCsq62883
|
SSL VPN: POST plugin does not work with Macro Substitutions
|
CSCsq63824
|
"ASA5580 assert failure on ""punt_elem == flow->punt_q_head"""
|
CSCsq65437
|
ASA 8.0 does not correctly calculate TCP MSS for traffic to the box
|
CSCsq65580
|
set nat-t-disable does not override crypto isakmp nat-traversal
|
CSCsq65899
|
"Change syslog ""ASA-0-716507: Fiber scheduler has reached unreachable..."""
|
CSCsq66348
|
Unable to SSH into Standby Firewall
|
CSCsq66561
|
Static arp entry for active or standby ips causes failover instability
|
CSCsq66899
|
Firewall replies with no data when optional firewall is configured
|
CSCsq67685
|
ASA 8.0.3(14) - GRE connections are not replicated to the standby unit
|
CSCsq68451
|
ASA5580 reloads during connection stress test
|
CSCsq68617
|
ASA5540 - High CPU during vpn auth if the AAA server is down
|
CSCsq70797
|
Unable to reserve port for static PAT
|
CSCsq71768
|
WebVPN shows 0.0.0.0 caller-ID in ACS Tacacs+ passed authentications
|
CSCsq71794
|
High cpu when redundant routes from multiple OSPF peers are processed
|
CSCsq73010
|
ASA 7.2.3.19 traceback in Thread Name: IKE Receiver
|
CSCsq73588
|
"ASA - CIFS ""Error contacting host"""
|
CSCsq74923
|
ASA - no support for auto update when used with webvpn on same int.
|
CSCsq75341
|
Traceback in Thread Name: Unicorn Proxy Thread
|
CSCsq77055
|
Hidden shares keep prompting for authentication and changes file type
|
CSCsq77160
|
telnet connection to management interface fails in routed mode
|
CSCsq78418
|
WebVPN portal susceptible to Cross Site Scripting (XSS) attacks
|
CSCsq78598
|
ASA5580 monitored interfaces bounce between Normal/Testing mode
|
CSCsq78902
|
Interim code 8.0(3)15 doesn't allow LDAP password change through WebVPN
|
CSCsq79382
|
ASA 8.0.3.12 aaa authentication listener with redirect will block conns
|
CSCsq80095
|
PIX/ASA: Console gets frozen if user logs in during failover replication
|
CSCsq81621
|
WebVPN: Smart Tunnels on MAC fails using process / application
|
CSCsq85304
|
Traceback with Thread 0 in thread group
|
CSCsq85924
|
Interface name is missing in syslog 411001 and 411002
|
CSCsq86976
|
Traceback in Thread Name: Unicorn Proxy
|
CSCsq89358
|
SSL VPN: Rewriting of META HTTP-EQUIV='Refresh' with an empty URL
|
CSCsq89467
|
Plugins cause java.io.IOException when web ACL is applied
|
CSCsq90760
|
Traceback in ci/console
|
CSCsq94183
|
"ASA - WebFolder ""Documents in this folder are not available"""
|
CSCsq94478
|
Memory leak in PKI name processing
|
CSCsq95023
|
Traceback when NULL parent conn has group lock points to another conn
|
CSCsq99869
|
Traceback on active ASA and switch to standby
|
CSCsr01745
|
"WebVPN: smart-tunnel bootup errors, config line disappears from config"
|
CSCsr01991
|
VPN load-balancing fails crypto negotiation
|
CSCsr02605
|
Logging out L2TP over IPsec sessions via ASDM can cause assert
|
CSCsr02624
|
Smart tunneled bookmarks fail in Internet Explorer with Proxy
|
CSCsr04639
|
traceback after SSH connection close from ASA5550
|
CSCsr05453
|
ASA/PIX:CPU spike may be noticed when removing objects from object-group
|
CSCsr06900
|
watchdog failure in sqlnet inspection engine
|
CSCsr07177
|
Traceback on adding acl element to acl associated with nat
|
CSCsr09163
|
webvpn - +webvpn+/index.html http response splitting problem
|
CSCsr11242
|
ASA 8.0 - Standby unit stuck in Sync Config state after write standby
|
CSCsr11626
|
skinny inspection breaks sccp calls through the firewall
|
CSCsr12367
|
WebVPN: http-form CLI commands broken
|
CSCsr17905
|
Slow memory leak due to crypto key generation
|
CSCsr20582
|
CSD: app error when launching (non-default webvpn port)
|
CSCsr23204
|
ARP collision detected: Primary MAC used by both active and standby
|
CSCsr23628
|
"ASA ignores webtype ACLs with ""?"" char in URL"
|
CSCsr25122
|
Page fault in IP thread under high traffic load
|
CSCsr25353
|
Scanning threat-detection reports incorrect victim subnets
|
CSCsr27940
|
sqlnet inspection should not handle multiple TNS frames in one packet
|
CSCsr28008
|
PAT src port allocation policy negates effect of host port alloc. policy
|
CSCsr29027
|
Traceback in thread name Checkheaps related to WebVPN
|
CSCsr32030
|
ASA 5510 not able to upgrade to Security Plus License from Base License
|
CSCsr32208
|
Active firewall fails to replicate any ICMP connections to standby
|
CSCsr39457
|
Skinny callgens fail to register due to small messages
|
CSCsr40360
|
iPhone 2.0 SW requires that ASA/PIX 7.x+ address mask is 255.255.255.255
|
CSCsr41534
|
ASA may traceback with Thread Name: emweb/https
|
CSCsr41612
|
Traceback in IP Address Assign
|
CSCsr41868
|
Cisco ASA w/ VPN- Array index out of bounds Software Failure
|
CSCsr45985
|
ASA 8.x WEBVPN: Web-Type ACL Filter incorrectly denies traffic
|
CSCsr46157
|
Traceback when 'no nameif' executed under an interface
|
CSCsr46385
|
ASA needs to support host ACE Entries for Multicast RP mapping
|
CSCsr46571
|
Additional WebVPN licenses are being used during every auth challenge
|
CSCsr47319
|
vpn-sessiondb data counters for webvpn sessions incorrect
|
CSCsr47881
|
Out of 80 byte blocks leads to Flow closed by inspection with TLS-Proxy
|
CSCsr50655
|
asa crash in dispatch unit
|
CSCsr57537
|
ASA Impossible to send mail with OWA when using CSC and WebVPN
|
CSCsr59417
|
Port Forwarding Fails Intermittently due to DNS
|
CSCsr60908
|
WebVPN CIFS failing with STATUS_NO_LOGON_SERVERS
|
CSCsr62405
|
reload occurs when url-server is unavailable and using udp transport
|
CSCsr63074
|
DPD not sent when peer is dead & tunnel not idle on s2s with 7.2.4
|
CSCsr63082
|
SSL VPN: link adds two extra slashes cifs:// to \\server\share/filename
|
CSCsr64970
|
ASA big dap.xml file partially replicated in failover
|
CSCsr65235
|
Samba authentication failure - CIFS implementation is case insensitive
|
CSCsr65574
|
Memory leak in AAA [ eap proxy ]
|
CSCsr65901
|
ASA reloads under heavy SIP traffic
|
CSCsr66684
|
TD Shun doesn't work if except list is specified
|
CSCsr66685
|
ASA re-loads on the text message test
|
CSCsr67861
|
"WebVPN: Can not open custom profile ""webfo"" (a nil value)"
|
CSCsr68315
|
second close to netfs thread causing traceback
|
CSCsr68455
|
CPU spike when deleteing IKE SA with VPN-Filters
|
CSCsr69563
|
Traceback if policies are modified while traffic is being processed
|
CSCsr71069
|
ASA - OSPF over IPSEC over PPPoe connection not working correctly
|
CSCsr73107
|
Pix traceback fover_parse page fault in route processing
|
CSCsr74439
|
PIX/ASA: Certain malformed NAT-T packets may cause IKE process to hang
|
CSCsr75077
|
Fallback case fails when OCSP revocation check configured
|
CSCsr75653
|
'set connection decrement-ttl' does not work
|
CSCsr81712
|
Memory leak with inspection IM enabled
|
CSCsr84998
|
SSL VPN: CSD tokens not cleaned up correctly
|
CSCsr91721
|
FOVER: Error trying to delete acl when used as a network-acl in DAP
|
CSCsr94152
|
ASA 5580 traceback due to vpn encryption
|
CSCsr98211
|
Smart tunnel connections remain active indefinitely after user's session
|
CSCsu00776
|
ASA 5580 traceback due to vpn encryption
|
CSCsu01332
|
PIX 6.x to 7.x upgrade removes nonegotiate from interface
|
CSCsu02317
|
ASA strips domain in RADIUS accounting packet
|
CSCsu02718
|
snmp get-next-request incorrect value IP-MIB::ipAdEntAddr from standby
|
CSCsu04547
|
Radius Challenge Message include <tag> make anyconnect fail
|
CSCsu06543
|
Proxy auth when in RSA Next-Token-Mode fails 50% of the redirection
|
CSCsu08061
|
ASA:RRI:Routes incorrectly deleted when split-tunneling enabled
|
CSCsu11361
|
Phone quickly re-registering with new IP requires additional license
|
CSCsu12382
|
"Some TLS packets may cause incorrect DMA mappings, leading to traceaback"
|
CSCsu21846
|
smart tunnel fail behind proxy server
|
CSCsu23121
|
"Cannot access CIFS shares based on ""name"" commands"
|
CSCsu26649
|
Large packets dropped with ip-comp enable configured
|
CSCsu29376
|
ASA 5580-20 traceback occurs when running multicast.
|
CSCsu37362
|
http inspection shouldn't reset for protocol-violation if not configured
|
CSCsu38292
|
interface Virtual254 appears in show interface output
|
CSCsu38385
|
Debug webvpn javascript trace user not disabled by undebug all
|
CSCsu40015
|
management-only cmd not synced. when m0/0 configured for failover
|
CSCsu41224
|
Crash in Thread Name: CMGR Server Process
|
CSCsu43121
|
Traceback: Long IKE attributes can cause buffer overrun
|
CSCsu46588
|
Heuristic based scanners report smart tunnel as malware
|
CSCsu50074
|
Traceback in Thread Name: IPsec message handler
|
CSCsu52268
|
SSH won't work to interface with ip address assigned via DHCP
|
CSCsu55368
|
Traceback caused by assert in snp_loopback_ifc.c
|
CSCsu55642
|
redundant interface switchover in transparent mode not stable
|
CSCsu63272
|
"reload after issuing show crypto ipsec sa, related to anti-replay"
|
CSCsu65383
|
QOS: L2L Police will not pass traffic
|
CSCsu66300
|
WebVPN CIFS bookmarks causes memory leak requiring a reboot
|
CSCsu80531
|
IPv6:Traceback after configuring ipv6 enforce-eui64
|
Feedback
Obtaining Documentation and Submitting a Service Request
