Cisco Bug: CSCuo78285 - ASA Traceback during failover config sync
Apr 16, 2020
- Cisco ASA 5500-X Series Firewalls
Known Affected Releases
100.11(3.11) 100.11(3.14) 9.1(5.10) 9.2(2)
Symptom: A firewall may cause a traceback and reload when trying to clear a portion or all of the configuration. This likely manifests during a configuration sync from an Active firewall. The first step of an config sync is to clear the existing local configuration in preparation for the re-sync of policies from the existing Active firewall. The Standby firewall will reload and attempt to re-sync its configuration from the Active resulting in another crash, thus starting a crash loop on the Standby firewall. Conditions: In a failover pair this may affect the Standby Firewall during config replication or it may affect the Active firewall if active removal of interface configuration is being done. From initial analysis it appears to be related to very large configurations with significant amounts of NAT configured.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases