Cisco Bug: CSCuw21330 - ASA 9.4: ICMP Timeout of 2 seconds not applied for ICMP connections.
Aug 09, 2018
- Cisco ASA 5500-X Series Firewalls
Known Affected Releases
Symptom: A minimal delay is observed for the 2 second timeout to be applied for ICMP connections. Conditions: Underlying dynamic routing changes preventing ICMP reply to be received by inspection engine. All subsequent packets matching same tuple (IP, ID, SEQ) will match the existing connection. Problem is not seen on the operating systems using ID randomization for ICMP packets. Problem is seen on IOS, where the ICMP echos have exactly the same ID.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases