Cisco Bug: CSCup98600 - WAAS TACACS+ packets contain DNS name in the Remote Address field

Last Modified

Sep 13, 2019

Products (1)

  • Cisco Wide Area Application Services (WAAS) Appliances

Known Affected Releases

4.3(1) 4.4(5d)

Description (partial)

Customer faced the issue in version this is supposed to fix and this is a valid requirement.

Symptom:
WAAS sends the FQDN of the client machine instead of its IP address in the "REMOTE ADDRESS" field of the TACACS packet. The customer has rules that match on IP address, and they are not hit because WAAS sends the name.

The behavior is the same in 4.3.1.6 and 4.4.5d.5. For Telnet, WAAS sends the IP address. It seems that WAAS performs a reverse DNS lookup on the client IP and sends that name when the session is SSH. When you remove "ip name-server x.x.x.x" from the WAAS, it sends the IP address for both Telnet and SSH.

Conditions:
WAAS sends the FQDN of the client machine instead of its IP address in the "REMOTE ADDRESS" field of the TACACS packet. The customer has rules that match on IP address, and they are not hit because WAAS sends the name.

The behavior is the same in 4.3.1.6 and 4.4.5d.5. For Telnet, WAAS sends the IP address. It seems that WAAS performs a reverse DNS lookup on the client IP and sends that name when the session is SSH. When you remove "ip name-server x.x.x.x" from the WAAS, it sends the IP address for both Telnet and SSH.
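
An added example, not Cisco's code: a check an AAA operator could run on captured traffic to read rem_addr from a TACACS+ authentication START packet and report whether it is an IP literal or a name, the condition that makes IP-based rules miss. The packet layout and MD5 body obfuscation follow RFC 8907; the shared secret, user, port and addresses are constructed sample values, and build_authen_start is a hypothetical helper that only produces sample packets.

```python
import hashlib
import ipaddress
import struct

TAC_PLUS_AUTHEN = 0x01            # packet type: authentication
TAC_PLUS_UNENCRYPTED_FLAG = 0x01  # body sent in clear text
HDR = "!BBBBII"                   # version, type, seq_no, flags, session_id, length

def obfuscate(header, body, key):
    """XOR body with the RFC 8907 MD5 pseudo-pad; the same call reverses it."""
    version, _t, seq_no, _f, session_id, _l = struct.unpack(HDR, header)
    seed = struct.pack("!I", session_id) + key + bytes([version, seq_no])
    pad, block = b"", b""
    while len(pad) < len(body):
        block = hashlib.md5(seed + block).digest()
        pad += block
    return bytes(b ^ p for b, p in zip(body, pad))

def build_authen_start(user, port, rem_addr, key, session_id=0x1234ABCD):
    """Hypothetical helper: build a constructed START packet for the demo."""
    body = bytes([1, 1, 1, 1, len(user), len(port), len(rem_addr), 0]) + user + port + rem_addr
    header = struct.pack(HDR, 0xC0, TAC_PLUS_AUTHEN, 1, 0, session_id, len(body))
    return header + obfuscate(header, body, key)

def rem_addr_from_authen_start(packet, key):
    """Return the rem_addr string carried in an authentication START packet."""
    header, body = packet[:12], packet[12:]
    _v, ptype, seq_no, flags, _sid, length = struct.unpack(HDR, header)
    if ptype != TAC_PLUS_AUTHEN or seq_no != 1 or length != len(body) or length < 8:
        raise ValueError("not a well-formed authentication START packet")
    if not flags & TAC_PLUS_UNENCRYPTED_FLAG:
        body = obfuscate(header, body, key)
    user_len, port_len, rem_len, data_len = body[4:8]
    if 8 + user_len + port_len + rem_len + data_len != len(body):
        raise ValueError("length fields do not match the body (wrong key?)")
    start = 8 + user_len + port_len
    return body[start:start + rem_len].decode("ascii", errors="replace")

def classify_rem_addr(rem_addr):
    # "ip" means address-based rules can match; "name" is the case in this bug
    try:
        ipaddress.ip_address(rem_addr)
        return "ip"
    except ValueError:
        return "name" if rem_addr else "empty"

if __name__ == "__main__":
    key = b"constructed-secret"  # constructed sample values throughout
    for addr in (b"192.0.2.10", b"client1.example.com"):
        value = rem_addr_from_authen_start(build_authen_start(b"admin", b"ssh", addr, key), key)
        print(value, "->", classify_rem_addr(value))
```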