Cisco Bug: CSCup07330 - ASA: no auth prompt when accessing internet website using ASA-CX
Apr 16, 2020
- Cisco ASA 5500-X Series Firewalls
Known Affected Releases
Symptom: When a user launches a web browser to access an encrypted/non-encrypted web site on the internet through ASA-CX context filtering performing active authentication, no authentication prompt is received by the user resulting in a hung browser connection. Conditions: From left to right if the 3rd bit in the 2nd byte (3rd most significant bit in the 3rd hex nibble) of the mac address is set to one, the ASA will drop the SYN-ACK packet resulting in a failed TCP connection. Since the user's browser never establishes a TCP connection with the CX module, the user never receives an authentication prompt and this results in a hung browser connection.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases