Guest

Preview Tool

Cisco Bug: CSCua92556 - ASA sip inspect - Pre-allocate SIP NOTIFY TCP secondary channel

Last Modified

Apr 16, 2020

Products (1)

  • Cisco ASA 5500-X Series Firewalls

Known Affected Releases

8.2(4.4)

Description (partial)

Symptom:
ASA Creates multiple duplicate secondary pinholes

TCP outside 10.234.87.4:2436 inside 10.19.10.7:0, idle 0:00:20, bytes 0, flags Ti
TCP outside 10.234.87.4:2436 inside 10.19.10.7:0, idle 0:02:20, bytes 0, flags Ti
TCP outside 10.234.87.4:2436 inside 10.19.10.7:0, idle 0:04:20, bytes 0, flags Ti
TCP outside 10.234.87.4:2436 inside 10.19.10.7:0, idle 0:06:20, bytes 0, flags Ti
TCP outside 10.234.87.4:2436 inside 10.19.10.7:0, idle 0:08:20, bytes 0, flags Ti
TCP outside 10.234.87.4:2436 inside 10.19.10.7:0, idle 0:10:20, bytes 0, flags Ti
TCP outside 10.234.87.4:2436 inside 10.19.10.7:0, idle 0:12:20, bytes 0, flags Ti
TCP outside 10.234.87.4:2436 inside 10.19.10.7:0, idle 0:14:20, bytes 0, flags Ti
TCP outside 10.234.87.4:2436 inside 10.19.10.7:0, idle 0:16:19, bytes 0, flags Ti
TCP outside 10.234.87.4:2436 inside 10.19.10.7:0, idle 0:18:19, bytes 0, flags Ti


Conditions:

Sip inspection should be enabled on ASA
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.