Cisco Bug: CSCtd60804 - CSM managing A/A FWSM will not use configured management ip of context
Nov 10, 2016
- Cisco Security Manager
Known Affected Releases
Symptom: When using CSM to manage active/active Firewalls, when you configure a management ip address to manage a context directly, CSM will continue to use the admin/system space ip address to access the conext with the 'changeto context xxxxx' capability. In A/A failover, this causes deployments to fail to contexts active in group 2 on the secondary FWSM. Conditions: This condition is triggered with a specific process used to configure the management ip address of the contexts - import the firewall via the system/admin context which automatically imports all contexts - select your system space in csm and on the Security Contexts configuration page, right click on your context and select 'edit row' - configure the Management IP Addr, hit ok, and then save. - select the context itself, right click and go to device properties to configure credentials. any changes made and deployed to this context will NOT use the configured management ip address but will use the admin/system space ip address.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases