Cisco Bug: CSCut36948 - Access list applied not working as expected.
Apr 14, 2016
- Cisco MDS 9000 NX-OS and SAN-OS Software
Known Affected Releases
Symptom: Customer was able to confirm that the device was accepting ssh connections from hosts outside of the Rackspace network, even though the addresses were outside of scope of the access-list: show access-list vty-ord1 IP access list vty-ord1 10 remark Bastions 20 permit ip x.x.x.x/32 any 30 permit ip x.x.x.x/32 any 40 remark Zenoss 50 permit ip x.x.x.x 0.127.0.255 any 60 remark BackBone Dev 70 permit ip x.x.x.0/24 any 80 remark Autohost 90 permit ip x.x.x.0/24 any 100 remark FDaaT 110 permit ip x.x.x.0/28 any 120 permit ip x.x.x.x/32 any 130 permit ip x.x.x.x 0.127.0.31 any Conditions: Device was accepting ssh connections from hosts outside of the Rackspace network, even though the addresses were outside of scope of the access-list:
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases