Preview Tool

Cisco Bug: CSCvs52000 - COP File for TCP_SACK_workaround Prevents iptables Rules Update

Last Modified

Jun 22, 2020

Products (1)

  • Cisco Unified Communications Manager (CallManager)

Known Affected Releases

10.5(2.10000.5) 11.5(1.10000.6) 12.0(1.10000.10) 12.5(1.10000.22) 12.5(1.11900.146)

Description (partial)

If we add new Subscriber, installation of this subscriber will fail because firewall rules not being populated with records for new subscriber.

Also, adding a new SIP security profile with a new port will not work either because the new port will not be opened in the firewall rules.

This is happening despite Cluster Manager prints POLICY_INJECTED for new subs, in fact iptables rules cannot be updated anymore.

This happens on systems where ciscocm.CSCvq19683_TCP_SACK_workaround_v1.0.cop.sgn has been installed.

NOTE: This is only an issue on servers where the ciscocm.CSCvq19683_TCP_SACK_workaround_v1.0.cop.sgn has been installed. If a customer has upgrade to a full ISO release with the fix for CSCvq19683, there is no issue.
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.