Cisco Bug: CSCul14129 - DOC: Software IPS in promiscuous mode will cause underruns on ASA
Nov 27, 2020
- Cisco Adaptive Security Appliance (ASA) Software
Known Affected Releases
Symptom: The ASA can exhibit underruns on the internal-data interface going to the software IPS configured for promiscuous mode. The underruns for promiscuous mode IPS are expected behavior if we inspect a lot of traffic or have spikes in traffic rates. This is because the ASA will not wait for the IPS to finish inspection before forwarding traffic. It is also possible to have underruns if the IPS inspects long flows, like file downloads. Conditions: This only affects the ASA 5500-X platforms running a software IPS in promiscuous mode.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases