Guest

Preview Tool

Cisco Bug: CSCvr92291 - Active unit transitioning to standby state should not accept SSL/DTLS connections

Last Modified

Oct 23, 2020

Products (1)

  • Cisco Adaptive Security Appliance (ASA) Software

Known Affected Releases

9.12(1) 9.13(1.10) 9.8(3) 9.8(3.8)

Description (partial)

Symptom:
Restoration of SSL VPN connectivity/services after ASA failover may be delayed for 20 or more seconds due to the fact that the active unit transitioning to standby state gracefully terminates existing SSL/DTLS client sessions, while still accepting new incoming SSL/DTLS client sessions. This behavior might result in delayed restoration of SSL VPN connectivity/services.

Conditions:
All of the conditions must be met:

1. ASA in a failover configuration
2. SSL VPN with DTLS

Related Community Discussions

AnyConnect Client Upgrade
PID: ASA5525 Software Version: 9.6(4)3 --------------------------------------------------------------------------- VPN Licenses and Configured Limits Summary --------------------------------------------------------------------------- Status : Capacity : Installed : Limit ----------------------------------------- AnyConnect Premium : ENABLED : 750 : 25 : NONE AnyConnect Essentials : DISABLED : 750 : 0 : NONE Other VPN (Available by Default) : ENABLED : 750 : 750 : NONE Shared License Server : DISABLED ...
Latest activity: May 22, 2020
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.