Preview Tool

Cisco Bug: CSCur10186 - GDOI : KS to Print unsupported warning for RFC 3547 non-compliant ACL

Last Modified

Sep 14, 2019

Products (1)

  • Cisco IOS

Known Affected Releases


Description (partial)

GM is not showing "ip precedence value"  configured in KS ACL.

Create ACL with "ip precedence value"  or "port range" at KS.

Eg: KS ACL :
deny   ip any any precedence flash-override
deny   udp any any range 16000  20800

Check at a registered GM by running 'sh cry gdoi'.
The GM shows 'deny ip any any'  and "deny udp any any"  . It ignores the precedence/port range we specified in KS
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.