Cisco Bug: CSCtb50399 - config sync- commands in different order on primary and standby
Nov 08, 2016
- Cisco ASA 5500-X Series Firewalls
Known Affected Releases
Symptom: Cisco PIX Security Appliance Software Version 7.2(4) Customer is reporting that several configuration elements are getting out of sync after time. Triggers for this appear to be after entering write standby command.They run scripts that prints the configurations of the Primary and Secondary PIX's and then does a line by line compare. The script errors off when it sees a condition like this: This host: Primary - Active PIX3(config)# show run | inc ip audit ip audit name test attack action alarm ip audit name test1 info action alarm ip audit interface OUTSIDE test1 ip audit interface OUTSIDE test ip audit interface INSIDE test1 ip audit interface INSIDE test ip audit signature 2004 disable This host: Secondary - Standby Ready PIX3# show run | inc ip audit ip audit name test1 info action alarm ip audit name test attack action alarm ip audit interface OUTSIDE test1 ip audit interface OUTSIDE test ip audit interface INSIDE test1 ip audit interface INSIDE test ip audit signature 2004 disable PIX3# Conditions: Customer running PIX version 7.2(4). Customer sees issue using failover serial cable. TAC repro also sees issue using LAN failover.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases