Guest

Preview Tool

Cisco Bug: CSCuj08532 - User-IP mappings may not be learnt after restarting ADI service

Last Modified

Mar 09, 2018

Products (1)

  • Cisco ASA Next-Generation Firewall Services

Known Affected Releases

9.1(2)

Description (partial)

Symptom:
CX fails to learn user-IP mappings. adi.log file contains logs of this format:

2013-08-20 04:21:01,418 ERROR vdi.daemon           - adagent: failed to register for feed.

Conditions:
This has been seen intermittently on restarting the ADI service on the CX. This can happen wither when ALL serivces are restarted (either manually or automatically due to a configuration change) or if the AD Agent configuration is changed on the CX.

While CX is configured with an AD Agent or CDA:

Some event in the system causes ADI to restart Likewise
After the restart, at any point in the future (immediately or days), a network condition causes ADI to restart the communication with CDA.  This can be caused by changing configuration or ADI and CDA fall out of sync.

Once these events occur in that order, the bug is triggered - ADI cannot reestablish communication with CDA.  The first event causes likewise to gain control of the network sockets use to talk to CDA.  The second event causes ADI to relinquish control and try to reestablish the communication. However, when trying to reestablish communication, likewise already has the connection open and ADI cannot set up the new connection.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.