Preview Tool

Cisco Bug: CSCuo73544 - ASA: CPU hog when configuring overlapping NAT rules

Last Modified

Nov 13, 2019

Products (1)

  • Cisco ASA 5500-X Series Firewalls

Known Affected Releases


Description (partial)

When configuring overlapping NAT rules, a CPU hog may be seen that lasts for several hundred milliseconds. This will be visible in the output of 'show proccess cpu-hog', as well as a syslog (%ASA-4-711004):

%ASA-4-711004: Task ran for 384 msec, Process = accept/http, PC = 42b6a0, Call stack =   0x000000000042b6a0  0x000000000128b205  0x000000000128b509  0x000000000128d7fd  0x00000000012947ad  0x0000000001296fc8  0x0000000001287662  0x0000000001279d9c  0x000000000127e43d  0x000000000113c121  0x00000000010fe532  0x00000000010ffc95  0x00000000004ba5c8  0x00000000004bad9c

This issue only occurs when configuring overlapping NAT rules.
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.