Guest

Preview Tool

Cisco Bug: CSCus51289 - ASA: Traceback when removing manual NAT rule

Last Modified

Nov 09, 2016

Products (1)

  • Cisco ASA 5500-X Series Firewalls

Known Affected Releases

8.4(5) 9.1(6)

Description (partial)

Symptom:
ASA: Traceback when removing manual NAT rule

Conditions:
The user must be removing a manual NAT rule from the configuration with the following characteristics:

1. The destination portion of the rule must contain an object with a large range of addresses
and
2. The rule must contain a service object

An example rule that may trigger this crash is:

object network src
host 192.168.10.1
object network dest
range 10.0.0.0 10.255.255.255
object service port
service tcp source eq 80
nat (inside,outside) source static src src destination static dest dest service port port
no nat (inside,outside) source static src src destination static dest dest service port port
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.