Guest

Preview Tool

Cisco Bug: CSCtd57788 - Dynamic access list not removed when session goes down.

Last Modified

Feb 28, 2018

Products (1)

  • Cisco IOS

Known Affected Releases

12.2(33.1.13)MCP6 15.1(0.18)T 15.1(0.9)T

Description (partial)

Symptoms: A dynamic IP ACL is created when a session comes up and is together
with the policy private route created according to the "Ascend-Private-Route"
downloaded from the user profile. When the session goes down, the route is
cleared but the dynamic ACL is not cleared:

dge2-18#sh ip access-lists dynamic
Extended IP access list pbr#1
    10 permit ip any host 10.1.1.1 (5 matches)
Extended IP access list pbr#2
    10 permit ip any host 10.1.1.1 (5 matches)
Extended IP access list pbr#3
    10 permit ip any host 10.1.1.1 (25 matches)
Extended IP access list pbr#4
    10 permit ip any host 10.1.1.1 (25 matches)
Extended IP access list pbr#5

Conditions: The symptom is observed with routes downloaded from the radius server.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.