Guest

Preview Tool

Cisco Bug: CSCup76212 - ASA rewrites incorrect content-length in SIP message

Last Modified

Sep 03, 2020

Products (1)

  • Cisco ASA 5500-X Series Firewalls

Known Affected Releases

8.4(7.20) 9.0(4.13) 9.1(5.7)

Description (partial)

Symptom:
A SIP receiver endpoint intermittently fails to parse a SIP message (e.g. INVITE) because of extra characters in the beginning of message, causing call failures
OR
A SIP receiver endpoint receives Malformed SIP message.

Conditions:
- SIP inspection is enabled on ASA.
- A SIP message sent by the sender contains a SIP payload. For example, XML dialog-info in NOTIFY packet. This message doesn't have to be the same message that was rejected by receiver. Any message sent previously in same connection can trigger the problem.
- That SIP payload (the XML portion, and not the message itself), contains a SIP URI. For example, sip:12345@X.X.X.X:5060. 
- The ASA is to rewrite the SIP URI using a PAT (Port Address Translation) rule.
- The port that ASA chooses for Port Address Translation (PAT) of URI, is different from the original port in the URI.
Note: Sometimes, the URI doesn't contain any port. It is assumed to be 5060 in those cases.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.