Preview Tool

Cisco Bug: CSCuw21330 - ASA 9.4: ICMP Timeout of 2 seconds not applied for ICMP connections.

Last Modified

Sep 13, 2018

Products (1)

  • Cisco ASA 5500-X Series Firewalls

Known Affected Releases


Description (partial)

A minimal delay is observed for the 2 second timeout to be applied for ICMP connections.

Underlying dynamic routing changes preventing ICMP reply to be received by inspection engine. All subsequent packets matching same tuple (IP, ID, SEQ) will match the existing connection.

Problem is not seen on the operating systems using ID randomization for ICMP packets.
Problem is seen on IOS, where the ICMP echos have exactly the same ID.
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.