Guest

Preview Tool

Cisco Bug: CSCul11634 - ENH: ASR ZBFW should bypass connection table for asymmetric traffic

Last Modified

Aug 18, 2016

Products (1)

  • Cisco ASR 1000 Series Aggregation Services Routers

Known Affected Releases

15.3(3)S

Description (partial)

Symptom:
Currently, when the ASR ZBFW sees asymmetric traffic, it will try to match that traffic against any connection it hits in the connection table. This includes situations where the ingress traffic may not match the zone-pair associated with the connection.

The current behaviour is identified in the documentation bug CSCul11625.

This enhancement request is to allow the ASR to bypass the connection table completely for asymmetric traffic that may match an existing connection, thus allowing the PASS option to behave as expected.

Conditions:
None. This is an enhancement request to implement new features to the ASR.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.