Guest

Preview Tool

Cisco Bug: CSCvh87031 - Deploy SNMPv3 users in FTD cluster send localized commands

Last Modified

Nov 04, 2019

Products (32)

  • Cisco Firepower Management Center
  • Cisco FirePOWER Appliance 8360
  • Cisco FirePOWER Appliance 7050
  • Cisco FirePOWER Appliance 8260
  • Cisco FirePOWER Appliance 8120
  • Cisco Firepower Management Center 2500
  • Cisco AMP 7150
  • Cisco FirePOWER Appliance 8130
  • Cisco AMP 8150
  • Cisco FirePOWER Appliance 8140
View all products in Bug Search Tool Login Required

Known Affected Releases

6.2.2.1 6.2.3

Description (partial)

Symptom:
In FTD cluster, when deploying any SNMPv3 user for auth or priv security models, the FMC sends localized commands. Eg.:
snmp-server user cisco Priv v3 engineID 80000009fea977bde5c69d6c8260948d2a1c17cf0741d40801 encrypted auth md5 c7:78:9b:be:e6:28:28:57:b5:5d:fc:d6:33:39:49:7d priv aes 128 c7:78:9b:be:e6:28:28:57:b5:5d:fc:d6:33:39:49:7d

In cluster environments, this command isn't propagated between units due the localized key and it generates a warning from classic ASA times:
WARNING: This command cannot be replicated because it contains localized keys.

As the configuration is only deployed to the master unit in the cluster and the command cannot be replicated any other command referring to the user willl fail and will cause a deployment error.

Conditions:
- FTD cluster
- SNMPv3 users for auth and priv security models
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.