Guest

Preview Tool

Cisco Bug: CSCuj34236 - ASA 8.4.6 sip pre allocation fails

Last Modified

Jan 09, 2017

Products (1)

  • Cisco ASA 5500-X Series Firewalls

Known Affected Releases

8.4(6)

Description (partial)

Symptom:
Place a voice/video call from a 9971 phone on the outside of the ASA connected over sslvpn to the inside 9971 phone. The call should fail as sip should pre-allocate a connection from outside to outside based on the global routing table and same security command. Instead the call is successful and goes over the tunnel.

Conditions:
Negative testing:
-Remove the route inside 0 0 inside-swtich configuration statement
-Keep sip and skinny inspection in policy-map
-Configure same-security permit intra-interface command

route outside 0 0 outside-switch 1
route inside host AD inside-switch 1
route inside host ACS inside-switch 1
route inside 0 0 inside-swrich tunneled
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.