Cisco Bug: CSCuo95074 - ASA AnyConnect failure or crash in SSL Client compression with low mem
Apr 16, 2020
- Cisco ASA 5500-X Series Firewalls
Known Affected Releases
Symptom: AnyConnect clients are able to connect, but get immediately disconnected. The following are seen in syslogs: %ASA-6-725007 SSL session with remote_device interface_name : IP_address / port terminated. %ASA-6-722023: Group group User user-name IP IP_address SVC connection terminated with compression %ASA-6-716058: Group group User user IP ip AnyConnect session lost connection. Waiting to resume. %ASA-5-722037: Group group User user-name IP IP_address SVC closing connection: Compression error. %ASA-6-722027: Group group User user-name IP IP_address SVC decompression history reset %ASA-6-716059: Group group User user IP ip AnyConnect session resumed. Connection from ip2 . %ASA-3-722021: Group group User user-name IP IP_address Unable to start compression due to lack of memory resources ASA can also crash with traceback pointing to "ssl_compress_record" when low memory is observed. Conditions: Compression is configured for AnyConnect.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases